Configure JumpCloud to manage your directory of users in Banyan

  • Updated on Jan 09, 2024

JumpCloud has a Directory-as-a-Service solution which helps your employees sign in and access resources. Banyan integrates with your organization’s JumpCloud SSO to authenticate enterprise users that need access to Banyan-secured services.

Pre-requisites

In order to set up this integration, you need the following privileges:

  • administrative access to JumpCloud;
  • the ability to add a new SSO Application

Steps

1.1 In JumpCloud, navigate to *SSO** -> Add New Application -> Custom SAML App. This should lead you to the New SSO page.

1.2 Enter General Info

  • Display Label (ex. “Banyan Security - End User Access”)
  • Ensure “Show this application in User Portal” is unchecked

1.3 Enter the following information on the SSO tab:

1) IdP Entity ID: https://{ORGNAME}.trust.banyanops.com/v2/callback
2) SP Entity ID: https://{ORGNAME}.trust.banyanops.com/v2/callback
3) ACS URLS: https://{ORGNAME}.trust.banyanops.com/v2/callback
4) SAMLSubject NameID: Usually username or email
5) Format: Persistent

Take note of the IDP URL for Step 2.

1.4 Update Required Attributes

Note: Banyan required attributes for Just in Time Provisioning are Email, Username, and Groups.

1.5 Assign User Groups and Save.

1.6 Download the IDP Certificate from the newly created SAML 2.0 App.

2.1 Log into Banyan’s Command Center, and navigate from Settings > Identity and Access tab > End User tab.

2.2 In the Identity Provider Protocol field, select “SAML”. In the Identity Provider Name field, select “OTHER” and then enter “JumpCloud”.

2.3 In the IDP SSO URL field, enter the IDP URL (from Step 1.3).

2.4 Edit the IDP Certificate (from Step 1.6) in a text editor and copy in the IDP CA Certificate

2.5 Add Mapped Attributes and Save.


Can’t find what you’re looking for?

We’re happy to help. Contact our team.