JumpCloud SSO SAML Integration

SimpleMDM integrates with JumpCloud using the Security Assertion Markup Language (SAML) standard.This guide will explain how to designate an JumpCloud account as a trusted identity provider (IdP) for authenticating administrators of your SimpleMDM account.

As the JumpCloud user interface may change, this guide has been written to provide a general process for getting up and running.

In JumpCloud:

  1. Sign in to the JumpCloud admin console.
  2. Go to Applications.
  3. Click the "+" to configure a new application.
  4. Enter "SAML" in the search bar.
  5. Locate the SAML listing and click 'Configure'.
  6. In the 'IDP Entity ID' field, enter your unique URL or identifier.
  7. Generate a 'private.pem' file, click 'Upload IdP Privacy Key' and upload the file.
  8. Generate a 'cert.pem' file, click 'Upload IdP Certificate' and upload the file.
  9. Enter "https://sso.jumpcloud.com/saml2/simplemdm" in the IDP URL field.
  10. Enter "SimpleMDM" in the Display Label field.
  11. Click 'Activate'.

In SimpleMDM:

  1. Sign in to SimpleMDM.
  2. Navigate to Settings > Users.
  3. Click the 'Settings' tab.
  4. Under the 'Single Sign On with SAML' section, select "Yes" to enable SAML.
  5. In the Short Name field, enter your company name (must be one word - no spaces or special characters).
  6. Click 'Save'. The fields under 'SimpleMDM Information' will automatically populate.
  7. In the 'Endpoint URL' field under the 'Identity Provider Information' section, enter "https://sso.jumpcloud.com/saml2/simplemdm".
  8. Copy and paste your SHA-1 fingerprint or drag and drop your 'cert.pem' certificate into the 'X.509 fingerprint or certificate field' field.
  9. Click 'Save'.

Finally, add values from SimpleMDM to JumpCloud:

  1. Copy the value from the 'Audience' field in SimpleMDM and paste it in the 'SP Entity ID' field in JumpCloud.
  2. Copy the value from the 'SAML Consumer URL' field in SimpleMDM and paste it into the 'ACS URL' field in JumpCloud.
  3. Click 'Save'.

Note: if any information in this article does not quite match up due to changes in the JumpCloud interface, you may also refer to JumpCloud's documentation here: https://support.jumpcloud.com/customer/en/portal/articles/2970650-single-sign-on-sso-with-simplemdm