Putting Lumos Behind Jumpcloud

After this article...

You'll have Lumos behind Jumpcloud SAML and can restrict who can log in! 🔒

Steps

1. Log into Jumpcloud Admin

Log into the Jumpcloud Admin console.

2. Create a SAML application

Follow the steps here to create a custom SAML app in Jumpcloud. A Lumos logo is provided below if you would like to add this to the app in Jumpcloud (recommended).

3. Contact Lumos support to get URLs

Contact the Lumos support team via Slack or email (support@lumos.com) to obtain the required configuration URLs for your Jumpcloud app.

You'll need the following:

• Single sign on URL (ACS URL)

• Audience URI (SP Entity ID)

4. Configure the URLs in Jumpcloud

The ACS URL and Entity ID will need to be set in the Single Sign-On Configuration section of the Lumos SAML app in Jumpcloud.

You'll input the ACS URL for “ACS URL” and the SP Entity ID as both the “IdP Entity ID” and “SP Entity ID” in Jumpcloud.

Make sure to save your changes once you plug in the URLs.

5. Configure attribute mappings

Use the table below to copy + paste the following attribute mappings in Jumpcloud.

6. Check the "Sign Assertion" box under the SSO tab and click "Save".

7. Check the Declare Redirect endpoint option

Make sure this box is checked on the SAML app under the SSO tab.

8. Send Lumos Support the Jumpcloud metadata file.

Click the Export Metadata button under JumpCloud Metadata in the SSO tab. This will download an XML metadata file that you need to send to the Lumos team to finish the configuration.

9. Assign users to the application in Jumpcloud

Follow the instructions here to assign users to the Jumpcloud Lumos application.

10. Get confirmation from Lumos support that everything is ready!

Once Lumos has confirmed that you're set up via SSO, make sure that you can log into Lumos from the Jumpcloud tile or from the Lumos login page and you should be good to go! 🚀