- How to configure User authorization.
- Meraki Dashboard does not support SP-initiated SSO.
- Users with Meraki administrator accounts cannot use SSO.
Configure the JumpCloud SSO Application
- Access the JumpCloud Administrator Console at https://console.jumpcloud.com.
- Select Applications in the main navigation panel.
- Select the + in the upper left, scroll or search for the application in the 'Configure New Application' side panel, then select 'configure'.
- You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
- In the IDP Entity ID field, enter
- Select Upload IdP Private Key and upload the private.pem file generated according to the above prerequisites.
- Select Upload IdP Certificate and upload the cert.pem file generated according to the above prerequisites.
- In the ACS URL field, paste the Consumer URL copied from Meraki Dashboard.
- In the Role Attribute field, enter
https://dashboard.meraki.com/saml/attributes/role=<USER_ROLE> (replace USER_ROLE with the name of the role you created/selected in Meraki Dashboard).
- In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector.
- (Optional) In the Display Label field, enter a label that will appear beside the Meraki logo within the JumpCloud console to guide administrators and users to the connection you have configured.
- Select Activate.
Configure the Service Provider
- Log in to Meraki Dashboard as an administrator.
- Select the Organization tab.
- In the Configure column, select Settings.
- In the SAML Configuration section, select SAML SSO Enabled from the drop-down menu.
- Select Add a SAML IdP.
- For the X.509 cert SHA1 fingerprint, enter your SHA1 certificate fingerprint (if you are unfamiliar with this process, please reference the link above for generating a public certificate and private key).
- (Optional) If you would like users to be sent back to the JumpCloud User Portal when they log out of Meraki Dashboard, enter the following as the SLO Logout URL:
- Select Save Changes.
- Copy the Consumer URL.
- Select the Organization tab.
- In the Configure column, select Administrators.
- In the SAML administrator roles section, if no roles have been created, select Add SAML Role, create a role with the appropriate access for auto-provisioned users, and select Save changes. If roles have previously been created, decide which role will be designated to all users auto-provisioned via SSO.
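For the X.509 cert SHA1 fingerprint step above, the following added example (not part of the original guide or of JumpCloud's or Meraki's own tooling) checks that private.pem and cert.pem belong together, that the certificate is not about to expire, and prints the SHA1 fingerprint to enter in Meraki Dashboard. It assumes the OpenSSL command-line tool is installed; the function names and the throwaway sample pair are constructed for illustration.

```shell
# Added example: pre-upload checks for the IdP key pair (assumes the OpenSSL CLI).

# Print the certificate's SHA1 fingerprint as colon-separated hex pairs.
cert_sha1_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha1 | cut -d= -f2
}

# Succeed only if the private key ($1) belongs to the certificate ($2).
# Compares the public key derived from each file; returns 2 if a file is unreadable.
key_matches_cert() {
    key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 2
    cert_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    [ "$key_pub" = "$cert_pub" ]
}

# Succeed only if the certificate ($1) is still valid $2 seconds from now.
cert_valid_for() {
    openssl x509 -in "$1" -noout -checkend "$2" >/dev/null
}

# Constructed sample: a throwaway self-signed pair, for demonstration only.
# Replace these files with the private.pem and cert.pem from the prerequisites.
make_sample_pair() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=sample-idp" \
        -keyout "$1/private.pem" -out "$1/cert.pem" 2>/dev/null
}

demo_dir=$(mktemp -d)   # mktemp -d creates the directory readable by the owner only
make_sample_pair "$demo_dir"

if ! key_matches_cert "$demo_dir/private.pem" "$demo_dir/cert.pem"; then
    echo "private.pem does not match cert.pem; do not upload this pair" >&2
elif ! cert_valid_for "$demo_dir/cert.pem" 86400; then
    echo "cert.pem expires within 24 hours; generate a new certificate" >&2
else
    echo "SHA1 fingerprint: $(cert_sha1_fingerprint "$demo_dir/cert.pem")"
fi
```

When the certificate is later replaced in JumpCloud, the fingerprint changes, so the value stored in Meraki Dashboard has to be updated at the same time.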
Validate SSO authentication workflows
- Access the JumpCloud User Console at https://console.jumpcloud.com.
- Select the Service Provider icon.
- This should automatically launch the application and log you in.
- Navigate to your Service Provider application URL.
- You will be redirected to log in to the JumpCloud User Portal.
- The browser will be redirected back to the application and be automatically logged in.