Support Center

Single Sign On (SSO) with Meraki Dashboard

Prerequisites:

Notes:

  • How to configure User authorization.
  • Meraki Dashboard does not support SP-initiated SSO.
  • Users with Meraki administrator accounts cannot use SSO.

Configure the JumpCloud SSO Application

  1. Access the JumpCloud Administrator Console at https://console.jumpcloud.com.
  2. Select Applications in the main navigation panel.
  3. Select the + in the upper left, scroll or search for the application in the 'Configure New Application' side panel, the select 'configure'.
  4. You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
  5. In the IDP Entity ID field, enter https://YOURDOMAIN.TLD (e.g., https://thebestwidgets.com).
  6. Select Upload IdP Private Key and upload the private.pem file generated according to the above prerequisites.
  7. Select Upload IdP Certificate and upload the cert.pem file generated according to the above prerequisites.
  8. In the ACS URL field, paste the Consumer URL copied from Meraki Dashboard.
  9. In the Role Attribute field, enter https://dashboard.meraki.com/saml/attributes/role=<USER_ROLE> (replace USER_ROLE with the name of the role you created/selected in Meraki Dashboard).
  10. In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector.
  11. (Optional) In the Display Label field, enter a label that will appear beside the Meraki logo within the JumpCloud console to guide administrators and users to the connection you have configured.
  12. Select Activate.

Configure the Service Provider

  1. Log in to Meraki Dashboard as an administrator.
  2. Select on the Organization tab.
  3. In the Configure column, select on Settings.
  4. In the SAML Configuration section, select SAML SSO Enabled from the drop-down menu.
  5. Select Add a SAML IdP.
  6. For the X.509 cert SHA1 fingerprint, enter your SHA1 certificate fingerprint (If you are unfamiliar with this process please reference the link above for generating a public certificate and private key).
  7. (Optional) If you would like users to be sent back to the JumpCloud User Portal when they log out of Meraki Dashboard, enter the following as the SLO Logout URL:https://console.jumpcloud.com/userconsole/.
  8. Select Save Changes.
  9. Copy the Consumer URL.
  10. Select on the Organization tab.
  11. In the Configure column, select on Administrators.
  12. In the SAML administrator roles section, select Add SAML Role if no roles have been created, create a role with the appropriate access for auto-provisioned users and select Save changes. If roles have previously been created, decide which role will be designated to all users auto-provisioned via SSO.

Validate SSO authentication workflows

IdP Initiated

  • Access the JumpCloud User Console at https://console.jumpcloud.com.
  • Select the Service Provider icon.
  • This should automatically launch and login to the application.

SP Initiated

  • Navigate to your Service Provider application URL.
  • You will be redirected to log in to the JumpCloud User Portal.
  • The browser will be redirected back to the application and be automatically logged in.
 

Last Updated: May 15, 2019 10:42AM MDT

Related Articles
desk-forwarding@jumpcloud.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete