Skip to content

JumpCloud (SAML)

JumpCloud provides SSO identity management. Cloudflare Access integrates with JumpCloud as a SAML identity provider.

Set up Jumpcloud as a SAML provider

  1. In the JumpCloud Admin Portal, go to SSO Applications.

  2. Select Add New Application.

  3. In the search bar, enter Cloudflare and select the Cloudflare Access application.

  4. Select Next.

  5. In Display Label, enter an application name.

  6. Select Save Application.

  7. Review the application summary and select Configure Application.

  8. In the SSO tab, configure the following settings:

    1. In IdP Entity ID, enter your Cloudflare team domain:

      https://<your-team-name>.cloudflareaccess.com/

      You can find your team name in Zero Trust under Settings > Custom Pages.

    2. Set both SP Entity ID and ACS URL to the following callback URL:

      https://<your-team-name>.cloudflareaccess.com/cdn-cgi/access/callback
    3. Scroll up to JumpCloud Metadata and select Export Metadata. Save this XML file for use in a later step.

  9. In the User Groups tab, assign user groups to this application.

  10. Select Save.

  11. In Zero Trust, go to Settings > Authentication.

  12. Under Login methods, select Add new.

  13. Select SAML.

  14. Upload your JumpCloud XML metadata file.

  15. Select Save.

You can now test your connection and create Access policies based on the configured login method and SAML attributes.

Example API configuration

{
"config": {
"issuer_url": "jumpcloud",
"sso_target_url": "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess",
"attributes": ["email", "name", "username"],
"email_attribute_name": "",
"sign_request": false,
"idp_public_cert": "MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEG\nA1UEC.....GF/Q2/MHadws97cZg\nuTnQyuOqPuHbnN83d/2l1NSYKCbHt24o"
},
"type": "saml",
"name": "jumpcloud saml example"
}