# JumpCloud

This article provides step-by-step instructions for integrating **JumpCloud SSO (SAML 2.0)** with your custom application.

## Prerequisites

Before you begin, ensure the following:

* Admin access to the JumpCloud Admin Console
* A custom application that supports SAML 2.0 authentication
* A valid SSL certificate on your application
* Access to modify the SAML configuration in your application

## Steps Involved

1. **Create a New SSO Application in JumpCloud**
   * Log in to the JumpCloud Admin Console ([https://console.jumpcloud.com/login/](https://console.jumpcloud.com/login/)) and navigate to **SSO → Applications**.
   * Click on **Add New Application**.

     <figure><img src="/files/PdAjqZgYloPxuZTqQK6H" alt=""><figcaption></figcaption></figure>
   * Search for **SAML** and select the **SAML2.0 App**.

     <figure><img src="/files/HtVPVVumQjNg9jekjwWu" alt=""><figcaption></figcaption></figure>
   * Provide a name for your application (e.g., `OvalEdge`).
   * Upload a logo (optional).

     <figure><img src="/files/DLhMNlFCQka016vrAhkS" alt=""><figcaption></figcaption></figure>
   * After submission, you'll be redirected to the **SSO → Identity Management → User Group** page.

     <figure><img src="/files/67U3dfr1ffKMVFZA00Vo" alt=""><figcaption></figcaption></figure>

2. **Configure SAML Settings**
   * Provide the required SAML configuration values, as shown in the screenshot:

     * **SP Entity ID**
     * **ACS URL(s)**
     * **IdP URL**

     <figure><img src="/files/SAnITFclNWqiNnf8Gowp" alt=""><figcaption></figcaption></figure>
   * Select **SSO** and enter the required **IdP URL** details as shown below.

     <figure><img src="/files/G8qoSqn7sHQkUdMOFoQa" alt=""><figcaption></figcaption></figure>

3. **Configure Attribute Mapping**
   * Navigate to the **User Attributes** section in JumpCloud.
   * Map the following attributes as needed:
     * `email → email`
     * `firstName → firstname`
     * `lastName → lastname`
     * (Optional) `group → user.groups`
   * Click **Save**.

     <figure><img src="/files/XvImlijtKeP4fffB1HK0" alt=""><figcaption></figcaption></figure>

4. **Assign Users to the Application**
   * **User Creation Process**
     * Provide the required user details and click **Save**.
     * Navigate to the **User Group** section to assign the user to the appropriate group.

       <figure><img src="/files/A6CfltEQX0ZWZFw0M85Y" alt=""><figcaption></figcaption></figure>
     * Provide the necessary details and click **Save**.

       <figure><img src="/files/Er89kBekOMS78hvH5r0x" alt=""><figcaption></figcaption></figure>

   * **Group Configuration**
     * Go to **User Groups**.
     * Click the **(+) icon**, then provide the **OvalEdge defined role** in the Group configuration.

       <figure><img src="/files/dMLhEtVPITdp8UTFYbUf" alt=""><figcaption></figcaption></figure>
     * Go to **Users** and add a previously created user to this group.

       <figure><img src="/files/usZhUui8QItpZsTAPh4D" alt=""><figcaption></figcaption></figure>
     * Go to the application and add the application created above, as shown in the screenshot.

       <figure><img src="/files/hdQKsvYQY40Kt7YWI4rt" alt=""><figcaption></figcaption></figure>
     * Click **Save Group & Apply Changes**.

5. **Configure SAML in Your Custom Application**

   * Once the above configuration is done, copy the **METADATA URL** as shown in the screenshot.

     <figure><img src="/files/in7v6xBLKVsEyDXPGKiV" alt=""><figcaption></figcaption></figure>
   * Go to `oasis.properties` and update the configurations below with the URLs configured above.

     <figure><img src="/files/3K0sTP8alLO3QQ0LyCGl" alt=""><figcaption></figcaption></figure>

     <div align="left"><figure><img src="/files/P9cpS9Y52ohOkjkLz4fs" alt=""><figcaption></figcaption></figure></div>
   * Once the above configuration is updated, add the parameter in the `setenv` file as shown below:

     ```bash
     -DOVALEDGE_SECURITY_TYPE=ldap
     ```

   * Once it is done, restart the service and check the logs.

6. **Test the SSO Integration**
   * Open a new **incognito/private browser** window.
   * Navigate to your custom application's login page.
   * Click **Login with SSO**.

     <figure><img src="/files/XcUGeKRhTl5Y2a8olBn7" alt=""><figcaption></figcaption></figure>
   * Enter your **JumpCloud credentials**.

     <figure><img src="/files/S6VjOykdY1MpocMG4L0B" alt=""><figcaption></figcaption></figure>

7. **Troubleshooting Common Issues**
   * Incorrect Credentials / Access Denied
     * Ensure the user is assigned to the application in JumpCloud.
     * Verify attribute mapping matches the required fields.
   * Signature Validation Failed
     * Ensure the correct **IdP Certificate** is uploaded to your application.
     * Verify that the SP Entity ID matches the one configured in JumpCloud.
   * Redirect Loop / Infinite Login Attempts
     * Verify the **ACS URL** is correct.
     * Ensure the application handles SAML authentication responses correctly.
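
The SP Entity ID, ACS URL and attribute-mapping checks above can be run against a captured `SAMLResponse` form value. This is an added example, not OvalEdge or JumpCloud code; the `app.example.com` URLs, the sample response and the expected attribute names (taken as the right-hand side of the mapping in step 3) are constructed assumptions.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumption: the names the application expects; adjust to your mapping.
REQUIRED_ATTRS = ("email", "firstname", "lastname")

# Constructed sample response (hypothetical hosts, unsigned, one wrong attribute case).
SAMPLE = base64.b64encode(b"""<samlp:Response
  xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  Destination="https://app.example.com/saml/SSO">
 <saml:Assertion>
  <saml:Conditions><saml:AudienceRestriction>
   <saml:Audience>https://app.example.com/saml/metadata</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement>
   <saml:Attribute Name="email"><saml:AttributeValue>a@example.com</saml:AttributeValue></saml:Attribute>
   <saml:Attribute Name="firstName"><saml:AttributeValue>Ada</saml:AttributeValue></saml:Attribute>
   <saml:Attribute Name="lastname"><saml:AttributeValue>Lee</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
 </saml:Assertion>
</samlp:Response>""")


def diagnose(saml_response_b64, sp_entity_id, acs_url, required=REQUIRED_ATTRS):
    """List mismatches between a SAMLResponse and the SP settings.

    Diagnostic only: the XML signature is NOT verified here, so the result
    must never be used to accept a login. Run it on responses you captured
    yourself; use a hardened parser (e.g. defusedxml) for untrusted XML.
    """
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    problems = []
    dest = root.get("Destination")
    if dest != acs_url:  # redirect loops often trace back to this mismatch
        problems.append(f"Destination {dest!r} != ACS URL {acs_url!r}")
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if sp_entity_id not in audiences:
        problems.append(f"SP Entity ID {sp_entity_id!r} not in Audience {audiences}")
    sent = {a.get("Name") for a in root.iterfind(".//saml:Attribute", NS)}
    for name in required:  # attribute names are compared case-sensitively
        if name not in sent:
            problems.append(f"attribute {name!r} missing (sent: {sorted(sent)})")
    return problems
```

On the constructed sample, `diagnose(SAMPLE, "https://app.example.com/saml/metadata", "https://app.example.com/saml/SSO")` reports only the `firstName`/`firstname` case mismatch.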

***

Copyright © 2025, OvalEdge LLC, Peachtree Corners, GA, USA.

