Jumpcloud Self Serve SSO Steps - SAML

The following steps have to be executed in the SingleStore Helios Portal and the JumpCloud Admin portal sequentially.

In the SingleStore Helios Portal

  1. Open the ORG:your-org menu on the left and go to Settings.

  2. Click the Authentication tab at the top next to the Account tab.

  3. Use the Add Identity Provider menu on the right to add a SAML 2.0 identity provider connection.

  4. Add a Connection Name, for example, JumpCloud SAML.

  5. Copy SingleStore’s Service Provider Configuration and store it in a file with a .xml extension

In the JumpCloud Admin Portal

  1. In the JumpCloud Admin console, select SSO under User Authentication.

  2. Click on Get Started or +Add New Application.

  3. Click on Custom SAML App at the bottom of the screen.

  4. Fill in the details:

    • Display Label as SingleStore or  SingleStore SAML.

    • Click Logo and upload a SingleStore logo.

  5. Unclick Show this application in User Portal because IdP-initiated login is not yet supported for SAML.

  6. Click the SSO tab at the top.

  7. Click Upload Metadata and upload the saved service provider configuration.

  8. That will fill in some fields like SP Entity ID.

  9. Create an IdP Entity ID. This can be anything. For example, SingleStore-JumpCloud.

  10. Pick a SAMLSubject NameID. This should be consistent for each user. Pick a SAMLSubject NameID Format. Persistence is best but only if the NameID is actually consistent.

  11. Under Login URL, add https://portal.singlestore.com.

  12. Under User Attribute Mapping add:

    Service Provider Attribute Name

    JumpCloud Attribute Name

    "<email>"

    "email"

    "<firstName>"

    "firstName"

    "<lastName>"

    "lastName"

  13. Click User Groups at the top of the page.

  14. Assign user(s) to the SingleStore application. This can be all the users because SSO is an authentication, not authorization and assigning users to the application does not grant them access to the SingleStore Helios Portal.

  15. Click Activate at the bottom of the page.

  16. Click Continue

  17. Select the new application.

  18. Click Export Metadata.  That should trigger the download of an XML file.

In the SingleStore Helios Portal

  1. Scroll down to Identity Provider XML and click Choose file to upload the XML file downloaded from the JumpCloud Admin portal.

  2. Scroll down to Map User Attributes and fill in “email” for email, “firstName” for firstName and “lastName” for lastName

  3. Click Save

Last modified: November 8, 2023

Was this article helpful?