Description: The customer would like to use JumpCloud to authenticate CloudConnexa VPN users.
Resolution: The administrator should configure SAML authentication for VPN users in CloudConnexa and create a Custom SAML App for CloudConnexa in JumpCloud.
Step 1) From your CloudConnexa Portal > Settings > User Authentication > Edit > SAML > SAML Configuration > Download Service Provider Metadata
Step 2a) JumpCloud supports SAML Single Sign-On (SSO), which gives your users convenient but secure access to all their web applications with a single set of credentials.
Log in to the JumpCloud Admin Portal: https://console.jumpcloud.com/login/admin.
Step 2b) Go to User Authentication > SSO.
Step 2c) Click ( + ) to configure a new application.
Step 2d) Find Custom SAML App at the bottom of the list and click it to configure.
Step 2e) General Info > Display Label: OpenVPN
Step 2f) SSO > Upload the metadata that was downloaded from the CloudConnexa Portal > enter the required details, which you can find in your CloudConnexa SAML Configuration (see the sample screenshot below)
IdP Entity ID: https://console.jumpcloud.com
SP Entity ID: ninotrajano.openvpn.cloud
ACS URL: https://sso-backend.openvpn.com/sso/api/v1/saml/acs
SAMLSubject NameID: email
SAMLSubject NameID Format: urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified
Signature Algorithm: RSA-SHA256
IDP URL: https://sso.jumpcloud.com/saml2/saml2
Attributes
User Attributes:
Service Provider Attribute Name | JumpCloud Attribute Name
username | username
firstname | firstname
lastname | lastname
email | email
Group Attributes:
Enable Include Group Attribute: memberOf
Step 2g) User Groups > Choose which groups you would like to be bound to SAML > then Activate
Step 3) Download the created Metadata of JumpCloud SAML from your JumpCloud Administrator Portal > SSO > Choose the created SAML app > SSO > Export Metadata
Step 4) From your CloudConnexa Portal > Settings > User Authentication > Edit > SAML > SAML Configuration > Next > Copy the text content of the metadata downloaded from JumpCloud and paste it under IdP Metadata XML > enter the required details (see the sample screenshot below) > Next > Finish
IdP Name: Jumpcloud
User Name: username
Group: memberOf
Email: email
First Name: firstname
Last Name: lastname
Step 5) Group Mapping
From your CloudConnexa Portal > Settings > User Authentication > Edit > SAML > View Group Mapping > Add Rule (see the sample screenshot below)
Step 6) Enable SAML for CloudConnexa after configuring all settings
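Before enabling SAML in Step 6, the two metadata files can be checked against the values typed in Step 2f. The Python below is an added example, not part of the original article or of either vendor's tooling; the embedded XML is constructed sample data built from this page's sample values, and the names `summarize`, `problems` and `EXPECTED` are hypothetical.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata", "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Constructed sample metadata (not real exports), using this page's sample values.
SP_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" entityID="ninotrajano.openvpn.cloud">
 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:AssertionConsumerService index="0"
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Location="https://sso-backend.openvpn.com/sso/api/v1/saml/acs"/>
 </md:SPSSODescriptor></md:EntityDescriptor>"""
IDP_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" entityID="https://console.jumpcloud.com">
 <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo xmlns:ds="{NS['ds']}"><ds:X509Data>
   <ds:X509Certificate>PLACEHOLDER-CERT</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
    Location="https://sso.jumpcloud.com/saml2/saml2"/>
 </md:IDPSSODescriptor></md:EntityDescriptor>"""
EXPECTED = {"sp_entity_id": "ninotrajano.openvpn.cloud",
            "acs_url": "https://sso-backend.openvpn.com/sso/api/v1/saml/acs",
            "idp_entity_id": "https://console.jumpcloud.com"}

def summarize(xml_text):
    """Pull the fields this procedure types by hand out of a SAML metadata file."""
    root = ET.fromstring(xml_text)  # assumes the file came from your own admin portal
    locs = lambda tag: [e.get("Location") for e in root.iter(f"{{{NS['md']}}}{tag}")]
    certs = root.iter(f"{{{NS['ds']}}}X509Certificate")
    return {"entity_id": root.get("entityID"),
            "acs_urls": locs("AssertionConsumerService"),
            "sso_urls": locs("SingleSignOnService"),
            "has_signing_cert": any((c.text or "").strip() for c in certs)}

def problems(sp_xml, idp_xml, expected):
    """Return mismatches between the two metadata files and the configured values."""
    sp, idp, out = summarize(sp_xml), summarize(idp_xml), []
    if sp["entity_id"] != expected["sp_entity_id"]:
        out.append(f"SP Entity ID is {sp['entity_id']!r}")
    if expected["acs_url"] not in sp["acs_urls"]:
        out.append(f"ACS URL not in SP metadata: {sp['acs_urls']}")
    if idp["entity_id"] != expected["idp_entity_id"]:
        out.append(f"IdP Entity ID is {idp['entity_id']!r}")
    if not idp["has_signing_cert"]:
        out.append("IdP metadata has no signing certificate")
    urls = sp["acs_urls"] + idp["sso_urls"]
    out += [f"endpoint is not HTTPS: {u}" for u in urls if not (u or "").startswith("https://")]
    return out

if __name__ == "__main__":
    print(problems(SP_METADATA, IDP_METADATA, EXPECTED) or "metadata matches")
```

To check real files, pass the text of the Step 1 and Step 3 downloads to `problems()` in place of the embedded samples.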