JumpCloud

Integrating JumpCloud with env0 as a SAML provider

Introduction

This guide will detail the various steps required to integrate Jump Cloud as a SAML provider for your env0 organization. The current implementation supports SAML 2.0 and is used for authentication only, where you define your users in your Jump Cloud account to enable them access to your env0 organization.

Steps

  1. Login to the Jump Cloud admin console.
  2. Under the User Authentication menu click on the SSO.
  3. Add a new application.
  4. Click on the “Custom SAML app”.
  1. In the General Info tab fill in the Display name as env0 add a description and choose a color indication or upload the env0 logo.
  2. In the SSO tab fill in the following information:
  • IdP Entity ID - https://login.app.env0.com/login/callback?connection={YOUR_ENV0_ORG_ID}
  • SP Entity ID - urn:auth0:env0:{YOUR_ENV0_ORG_ID}
  • ACS URL - https://login.app.env0.com/login/callback?connection={YOUR_ENV0_ORG_ID}
  • SP Certificate: Upload this file
  • SAMLSubject NameID: email
  • SAMLSubject NameID Format: urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified
  • Signature Algorithm: RSA-SHA256
  • Groups Attributes: Check the include group attribute and set it to be teams
  • Attributes:

Service Provider Attribute Name

JumpCloud Attribute Name

email

email

firstName

firstname

lastName

lastname

name

fullname

🚧

Temas Syncing

Teams will be synced each time a user will login with the following logic:

env0 will create a new team if one doesn't exists based on the group name we received from the SMAL provider.
If the team exists in env0 we will not create a new team.
We will assign the user to all the teams in env0 based on the group names he is part of in the SMAL provider..
If the user was removed from a group in the SAML provider we will remove him from the team in env0.

  1. In the User Groups tab Select the group of users you would like them to have access to the env0 platform.
  2. Click on the activate button and create the application.
  3. Go to the env0 application to edit it.
  4. In the right hand side click on the IDP Certificate dropdown and click on the Download certificate option.
  5. In the SSO tab copy the IDP URL
  6. Please send your account manager the IDP URL and the certificate.

Did this page help you?