Set up SAML authentication with JumpCloud

These instructions outline the steps that your JumpCloud administrator must take to create, activate, and assign users to access Clearbit apps using SAML authentication.

Before you begin: Initiating and completing the SAML authentication setup requires collaboration with a Clearbit Implementation Manager. Please contact our team for assistance.

Create a custom SAML app in JumpCloud

Clearbit integrates with JumpCloud through a custom SAML app setup, and is not available in JumpCloud's integration library.

  1. To create the custom SAML app navigate to SSO in your JumpCloud account, click Add New Application, and select Custom SAML App.
  2. Provide a name for the app (e.g. Clearbit). Optionally, add a description and icon (we
    recommend this icon).
  3. Navigate to the SSO tab at the top of the screen to configure your new app.

Compete the Single Sign-On (SSO) configuration

Fill out the details below on the Single Sign-On Configuration page:

  • IdP Entity ID: JumpCloud → This value can be whatever you like (some users use their website domain name or another unique identifier). The purpose of this field is to allow Clearbit to identify JumpCloud as the approved IdP.
  • SP Entity ID: A unique Entity ID will be provided by the Clearbit team. The information provided may also also be referred to as the Service Provider Entity ID.
  • ACS URL: A unique ACS URL will be provided by the Clearbit team. The information provided may also also be referred to as the Single Sign-On URL.
  • SAMLSubject NameID: email
  • SAMLSubject NameID Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
  • Sign Assertion = True
  • IDP URL: https://sso.jumpcloud.com/saml2/clearbit

Required attribute mappings

Clearbit uses just-in-time (JIT) provisioning to create new users in your account when they are added to your SAML application and attempt to log in for the first time.

Clearbit requires that you map the following user attributes in the Attributes section of the Single Sign-on Configuration:

Clearbit Attribute Name JumpCloud Attribute Name
firstName firstName
lastName lastName

 

Assign user groups to the SAML authentication app

To identify all of the users who currently have access to your Clearbit account, navigate to Teams > Users in the Clearbit dashboard.

  1. To assign users to the app, click on the User Groups tab at the top of the SSO app configuration page and select the groups that you would like to grant access to Clearbit, then click Save.

Please Note: All users who are granted access to the Clearbit SAML app will be granted user access to the Clearbit account. If a user does not exist in our system, we will create one automatically.

Share your SAML app details with the Clearbit team

Scroll down to Option 2 on the Google Identity Provider details page. Copy and share the following information with the Clearbit team

  • IDP URL
  • IdP Entity ID
  • IdP Certificate
  1.  

Enable SAML authentication

SAML authentication must be enabled by a Clearbit employee using the information you shared in the previous step.

Once you have successfully created the SAML app, shared your app details with the Clearbit team, assigned users, and are ready to enable SAML authentication... contact us and we will complete the setup process!

If you would like to coordinate the enablement and testing of your app, our team is happy to arrange a call to complete the setup together and answer any questions you may have.

Learn More