Configure JumpCloud to manage your directory of users in SonicWall Cloud Secure Edge
Description
JumpCloud has a Directory-as-a-Service solution which helps your employees sign in and access resources. Cloud Secure Edge (CSE) integrates with your organization’s JumpCloud SSO to authenticate enterprise users that need access to CSE-secured services.
Pre-requisites #
In order to set up this integration, you need the following privileges:
- administrative access to JumpCloud;
- the ability to add a new SSO Application
Steps #
Step 1: Add Banyan Security - End User Access App in JumpCloud #
1.1 In JumpCloud, navigate to *SSO** -> Add New Application -> Custom SAML App. This should lead you to the New SSO page.
1.2 Enter General Info
- Display Label (ex. “Banyan Security - End User Access”)
- Ensure “Show this application in User Portal” is unchecked
1.3 Enter the following information on the SSO tab:
1) IdP Entity ID: https://{ORGNAME}.trust.banyanops.com/v2/callback
2) SP Entity ID: https://{ORGNAME}.trust.banyanops.com/v2/callback
3) ACS URLS: https://{ORGNAME}.trust.banyanops.com/v2/callback
4) SAMLSubject NameID: Usually username or email
5) Format: Persistent
Take note of the IDP URL for Step 2.
1.4 Update Required Attributes
Note: CSE required attributes for Just in Time Provisioning are Email, Username, and Groups.
1.5 Assign User Groups and Save.
1.6 Download the IDP Certificate from the newly created SAML 2.0 App.
Step 2: Configure User Identity Provider Settings in CSE #
2.1 Log into the Command Center, and navigate from Settings > Identity and Access tab > End User tab.
2.2 In the Identity Provider Protocol field, select “SAML”. In the Identity Provider Name field, select “OTHER” and then enter “JumpCloud”.
2.3 In the IDP SSO URL field, enter the IDP URL (from Step 1.3).
2.4 Edit the IDP Certificate (from Step 1.6) in a text editor and copy in the IDP CA Certificate
2.5 Add Mapped Attributes and Save.
