Configure SingleStore SSO using JumpCloud
Overview
These instructions describe how to configure single sign-on (SSO) for SingleStoreDB Cloud using JumpCloud. To log into SingleStore, go to http://portal.singlestore.com.
Configure JumpCloud
Log in to the JumpCloud admin account.
Click SSO on the left.
Fill in the General Info:
Display name: SingleStore Cloud
Description: Our primary database
Click on Custom SAML App.
Download the SingleStore logo, which must be less than 100KB.
Click Logo.
Click Replace Logo and add the SingleStore logo.
Click the SSO option on the top row, next to General Info.
Upload Metadata
Select and copy the following XML, edit it by changing YOUR-DOMAIN-NAME to your actual fully-qualified domain name, and then upload it.
<md:EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://keycloak-prod.internal.memcompute.com/auth/realms/memsql" ID="ID_058b2172-4fb9-467c-a0b2-e602621202aa"><md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true" WantAssertionsSigned="true"><md:KeyDescriptor use="signing"><ds:KeyInfo><ds:KeyName>jAJ1Baa7zIHaUFcQVNwdudBZ_Hf7otmPAST_W3lpv7c</ds:KeyName><ds:X509Data><ds:X509Certificate>MIICmzCCAYMCBgFlkRngfjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZNZW1TUUwwHhcNMTgwODMxMTc0NjU2WhcNMjgwODMxMTc0ODM2WjARMQ8wDQYDVQQDDAZNZW1TUUwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPi6mTaWOijeYPngHcj4R0ZH83nA8CfF9olTKWXLfzjN/Chno1NXRyD8/ZMMVxQSbfJgphTZ3n9aFgxRwohl110eOxJGE93On2gRRm5Z8uhjLBWFuOj+HrY2EyKVeiUwdEqaVPw3usIywy7kokJb5EDrPFczgfB0exDD65MrCR36G4EDIkuI8lyCMaEgkkRXDJdufPPHtyTq4dfsjZ2EqHij4luEecTeHybdyUMOzVs3TUHDJsVZhMTEsPquIUQNU4yIAmyT1HpZ/DtgH5KJ6WLm5cUaQHTaN8X6ST3hnMvVuvNLUW73oZekQ7ua1V03oihk0YoAvZ7b/ABpBZz2gpAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAEQkjLX15+H4ORz+jblCZHAwzWy60sGShIDWAGoVGS5VvvrXVo2+IhhElgVwvZDXhg9faUItIvEDO2ptcvEJqLwy/xfqxS0DNx/5cntiw88zlk3NkR0cjUubLJ7ff9AQUcMQNrB9n6uiayRIt8fc+crmTR5j+7uBAWquArW5ZLK7eE2wFAyNA0qSidD8VzjpFU4WMDRCyQwNpuZEBSAaQ3UfKUSC+zbroHyGC9QPEsGNTnUnY/eZ2lVK8ZaARmpccsBT8C7Mqt3t35igzlWsfIR+/dzDKGurFk/krchQ3U2aL5DX6T+8ZDtvPK67yBGyllQccMfWAIabQSwyKsPXazU=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://auth.singlestore.com/auth/realms/memsql/broker/YOUR-DOMAIN-NAME/endpoint"></md:SingleLogoutService><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat><md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
Location="https://auth.singlestore.com/auth/realms/memsql/broker/YOUR-DOMAIN-NAME/endpoint" isDefault="true" index="1"></md:AssertionConsumerService><md:AttributeConsumingService isDefault="true" index="1"><md:ServiceName xml:lang="en">MemSQL</md:ServiceName><md:RequestedAttribute Name="firstName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"></md:RequestedAttribute><md:RequestedAttribute Name="lastName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"></md:RequestedAttribute><md:RequestedAttribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"></md:RequestedAttribute></md:AttributeConsumingService></md:SPSSODescriptor></md:EntityDescriptor>
Fill in the ACS URL as follows:
https://auth.singlestore.com/auth/realms/memsql/broker/YOUR-DOMAIN-NAME/endpoint
(replace YOUR-DOMAIN-NAME with your fully-qualified domain name in the URL)
Take a screenshot of the above.
Fill in the IdP URL.
This cannot be adjusted later. You can only change the last part of the URL. Do not put “SingleStore” because this namespace is shared with other JumpCloud customers. Instead, put your fully-qualified domain name, but use a dash (-) in place of each period (.).
Fill in the SP Entity ID as follows:
https://auth.singlestore.com/auth/realms/memsql
Fill in the USER ATTRIBUTE MAPPING.
Take a screenshot showing both the attributes and the IdP URL.
Click activate.
Now, under SSO/Configured Applications, you should see SingleStore. Click it.
Now click Export Metadata.
Share the metadata and your two screenshots with SingleStore in a support ticket to turn on the SSO.
Go to User Groups in the SingleStore SSO config and configure which users can access SingleStore. Users have to be invited into your SingleStore org on the SingleStore side, so you can configure all your users at one time.
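A pre-upload check for the Upload Metadata and IdP URL steps above, as an added example that is not SingleStore's or JumpCloud's own tooling: it fills the placeholder, confirms that both endpoints and the signing flags still match the published metadata, and derives the dashed IdP URL segment. The function names and the trimmed TEMPLATE are assumptions made for this example.

```python
import re
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
PLACEHOLDER = "YOUR-DOMAIN-NAME"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
BROKER = "https://auth.singlestore.com/auth/realms/memsql/broker/"
FQDN = re.compile(r"(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")

# Constructed sample: the page's metadata trimmed to the fields checked below
# (KeyDescriptor, NameIDFormat and the requested attributes are left out).
TEMPLATE = f"""<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
 entityID="https://keycloak-prod.internal.memcompute.com/auth/realms/memsql">
<md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true"
 protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:SingleLogoutService Binding="{POST}" Location="{BROKER}{PLACEHOLDER}/endpoint"/>
<md:AssertionConsumerService Binding="{POST}" Location="{BROKER}{PLACEHOLDER}/endpoint"
 isDefault="true" index="1"/>
</md:SPSSODescriptor></md:EntityDescriptor>"""

def normalize(domain):
    """Lower-case the domain and reject anything that is not an FQDN."""
    domain = domain.strip().lower()
    if not FQDN.fullmatch(domain):
        raise ValueError(f"not a fully-qualified domain name: {domain!r}")
    return domain

def fill_template(template, domain):
    """Replace the placeholder with the validated domain name."""
    return template.replace(PLACEHOLDER, normalize(domain))

def idp_url_suffix(domain):
    """Last part of the JumpCloud IdP URL: the FQDN with dashes for periods."""
    return normalize(domain).replace(".", "-")

def check_metadata(xml_text, domain):
    """Return a list of problems; an empty list means the file is ready to upload."""
    problems = [f"{PLACEHOLDER} not replaced"] if PLACEHOLDER in xml_text else []
    sp = ET.fromstring(xml_text).find(f"{MD}SPSSODescriptor")
    if sp is None:
        return problems + ["no SPSSODescriptor element"]
    for flag in ("AuthnRequestsSigned", "WantAssertionsSigned"):
        if sp.get(flag) != "true":
            problems.append(f"{flag} is not 'true'")
    want = f"{BROKER}{normalize(domain)}/endpoint"
    for tag in ("AssertionConsumerService", "SingleLogoutService"):
        found = sp.findall(f"{MD}{tag}")
        if not found:
            problems.append(f"{tag} missing")
        for el in found:
            if el.get("Location") != want or el.get("Binding") != POST:
                problems.append(f"{tag} does not point at {want} over HTTP-POST")
    return problems
```

Run `check_metadata` on the full edited XML from the Upload Metadata step before uploading; the same `want` URL is the value to enter as the ACS URL.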