Legacy: Set up SAML authentication with JumpCloud

🔍Please note: This article is for customers on Standard Bundle, Enrichment, or Clearbit Platform plans. 

To initiate and complete the SAML authentication setup, you'll need to work with a Clearbit Implementation Manager. Please contact Clearbit Support for assistance.

 

 

These instructions outline the steps that your JumpCloud administrator must take to create, activate, and assign users to access Clearbit apps using SAML authentication.

Create a custom SAML app in JumpCloud

Clearbit integrates with JumpCloud through a custom SAML app setup, and isn't available in JumpCloud's integration library.

  1. To create the custom SAML app in your JumpCloud account, navigate to SSO, click Add New Application, and select Custom SAML App.
  2. Enter a name for the app (e.g. Clearbit). Optionally, add a description and icon (Example icon).
  3. Navigate to the SSO tab at the top of the screen to configure your new app.

Compete the Single Sign-On (SSO) configuration

on the Single Sign-on Configuration page, include the information below:

  • IdP Entity ID: JumpCloud → This value can be whatever you like (some users use their website domain name or another unique identifier). The purpose of this field is to allow Clearbit to identify JumpCloud as the approved IdP.
  • SP Entity ID: A unique Entity ID will be provided by the Clearbit team. The information provided may also also be referred to as the Service Provider Entity ID.
  • ACS URL: A unique ACS URL will be provided by the Clearbit team. The information provided may also also be referred to as the Single Sign-On URL.
  • SAMLSubject NameID: email
  • SAMLSubject NameID Format: urn:oasis:names:tc:SAML:1.1: nameid-format:emailAddress
  • Sign Assertion = True
  • IDP URL: https://sso.jumpcloud. com/saml2/clearbit

Required attribute mappings

Clearbit uses just-in-time (JIT) provisioning to create new users in your account when they are added to your SAML application and attempt to log in for the first time.

In the Attributes section of the Single Sign-on Configuration, you must map the following user attributes:

Clearbit Attribute Name JumpCloud Attribute Name
firstName firstName
lastName lastName

 

Assign user groups to the SAML authentication app

To identify all of the users who currently have access to your Clearbit account, in the Clearbit dashboard, navigate to Teams > Users.

  1. To assign users to the app, at the top of the SSO app configuration page, click the User Groups.
  2. Click the groups you would like to grant access to Clearbit
  3. Click Save.

Please note: All users who are granted access to the Clearbit SAML app will be granted user access to the Clearbit account. If a user does not exist in our system, we will create one automatically.

Share your SAML app details with the Clearbit team

On the Google Identity Provider details page, scroll down to Option 2. Copy and share the following information with the Clearbit team:

  • IDP URL
  • IdP Entity ID
  • IdP Certificate

Enable SAML authentication

SAML authentication must be enabled by a Clearbit employee using the information you shared in the previous step.
Once you have successfully created the SAML app, shared your app details with the Clearbit team, assigned users, and are ready to enable SAML authentication, contact Clearbit to complete the setup process.
If you would like to coordinate the enablement and testing of your app, Clearbit Support is happy to arrange a call to complete the setup together and answer any questions.

 

Learn More