- Generate a public certificate and private key pair.
- In order to successfully complete the integration between JumpCloud and Smartsheet, you must use an administrator account on a Smartsheet Enterprise plan.
- How to configure User authorization.
- Configuring Smartsheet for SAML authentication requires the administrator to validate a domain. When you arrive at this step in the configuration, consult steps 6-9 of the Smartsheet documentation located at
Configure the JumpCloud SSO Application: Part 1
- Access the JumpCloud Administrator Console at https://console.jumpcloud.com.
- Select Applications in the main navigation panel.
- Select the + in the upper left, scroll or search for the application in the 'Configure New Application' side panel, the select 'configure'.
- You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
- In the IDP Entity ID field, enter
- Select Upload IdP Private Key and upload the private.pem file generated according to the above prerequisites.
- Select Upload IdP Certificate and upload the cert.pem file generated according to the above prerequisites.
- Leave the IdP-Initiated URL as the default value (you will edit this later).
- In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector.
- (Optional) In the Display Label field, enter a label that will appear under the Service Provider logo within the JumpCloud User console.
- Select Activate.
- Select export metadata for Smartsheet on the right-hand side of the page.
- Leave your JumpCloud admin console open.
Configure the Service Provider
- Open the metadata file in a text editor and copy its contents.
- Log in to Smartsheet as an administrator.
- Select Account in the top left corner and select Account Admin from the drop-down menu.
- Select Security Controls.
- In the Authentication section, select Edit.
- Select not configured next to SAML.
- Select Add IdP.
- In the IdP Nickname field, enter ‘JumpCloud’.
- In the IdP Metadata field, paste the contents of the metadata file.
- Select Save.
- After Smartsheet has validated your metadata file successfully, the Edit IdP form will open.
- Select Add Domain.
- In the Domain Name field, enter
https://YOURDOMAIN.com(replace YOURDOMAIN with your company’s unique domain that you want to be SAML-enabled).
- Select Save.
- In the Edit Domain form that opens, validate your domain.
- After the domain validation is successful, copy the SSO URL.
- If the Domain Status is ‘Inactive’, select Activate.
- Back in the Edit IdP form (your domain should show as ‘Active’ in the Domains section), if the IdP Status is Inactive select Activate.
- Back in the SAML Administration form, choose the appropriate mode for your organization.
- If the SAML Status is ‘Disabled’, select Enable.
Configure the JumpCloud SSO Application: Part 2
- Return to your JumpCloud admin console.
- Select details for Smartsheet on the right-hand side of the page.
- Replace the default IdP-Initiated URL value with the SSO URL you copied from the Smartsheet configuration page.
- Select Save.
Validate SSO authentication workflows
- Access the JumpCloud User Console at https://console.jumpcloud.com.
- Select the Service Provider icon.
- This should automatically launch and login to the application.
- Navigate to your Service Provider application URL.
- You will be redirected to log in to the JumpCloud User Portal.
- The browser will be redirected back to the application and be automatically logged in.