Skip to main content

Introduction

This guide will detail the steps required to integrate Jump Cloud as a SAML provider for your env zero organization. The current implementation supports SAML 2.0 and is used for authentication only, where you define your users in your Jump Cloud account to enable them access to your env zero organization.

Steps

  1. Login to the Jump Cloud admin console.
  2. Under the User Authentication menu click on the SSO.
  3. Add a new application.
  4. Click on the “Custom SAML app”.
  1. In the General Info tab fill in the Display name as env zero add a description and choose a color indication or upload the env zero logo.
  2. In the SSO tab fill in the following information:
  • IdP Entity ID - https://login.app.env0.com/login/callback?connection={YOUR_ENV0_ORG_ID}
  • SP Entity ID - urn:auth0:env0:{YOUR_ENV0_ORG_ID}
  • ACS URL - https://login.app.env0.com/login/callback?connection={YOUR_ENV0_ORG_ID}
  • SP Certificate: Upload this file
  • SAMLSubject NameID: email
  • SAMLSubject NameID Format: urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified
  • Signature Algorithm: RSA-SHA256
  • Groups Attributes: Check the include group attribute and set it to be teams
  • Attributes:
Service Provider Attribute NameJumpCloud Attribute Name
emailemail
firstNamefirstname
lastNamelastname
namefullname
Teams SyncingTeams will be synced each time a user will login with the following logic:
  1. env zero will create a new team if one doesn’t exist based on the group name we received from the SAML provider.
  2. If the team exists in env zero we will not create a new team.
  3. We will assign the user to all the teams in env zero based on the group names they are a member of in the SAML provider.
  4. If the user was removed from a group in the SAML provider we will remove them from the team in env zero.
  1. In the User Groups tab Select the group of users you would like to have access to the env zero platform.
  2. Click on the activate button and create the application.
  3. Go to the env zero application to edit it.
  4. On the right-hand side click on the IDP Certificate dropdown and click on the Download certificate option.
  5. In the SSO tab copy the IDP URL
  6. Please submit the IDP URL and the certificate using the secured webform - env zero setup SAML single sign-on.