Single Sign-On with JumpCloud

This guide provides step-by-step instructions on setting up JumpCloud as a SAML IdP for your Cloudsmith Organization.

Adding Cloudsmith to JumpCloud

Cloudsmith is not (yet) an integrated application in JumpCloud. You'll have to add Cloudsmith manually so you can configure SSO.

Step1

Log in as an administrator to JumpCloud, choose Applications from the sidebar and use the green + icon to add a new application:

802802
Step2

Choose the generic SAML connector (usually first in the list, labelled SAML) and hit Configure:

23522352
Step3

On the configuration screen, enter the Display Label as "Cloudsmith", and optionally choose a colour for the application.

14581458
Step4

Next, you'll need to choose an IdP entity ID, which is just a unique string used to identify this application/connector with JumpCloud. It doesn't matter what you use, so long as it's unique within your JumpCloud account. For example purposes we use "JumpCloud-Cloudsmith":

808808
Step5

For the next step, you'll need to generate a public and private key used to sign and secure communication between JumpCloud and Cloudsmith (if you don't already have them). JumpCloud have their own docs on exactly how to generate these keys depending on your operating system. Once generated, upload the private and public keys using the next two fields in the form:

378378
Step6

Next, we'll fill in SP Entity ID and ACS URL with the same value. To determine the value we use the following format: https://cloudsmith.io/orgs/MY_ORG_NAME/saml/acs/, where "MY_ORG_NAME" is replaced with your organization's slug e.g. for the cloudsmith org we use https://cloudsmith.io/orgs/cloudsmith/saml/acs/:

748748
Step7

We then need to configure the SAML Name ID attribute. We want to choose email and the appropriate emailAddress format:

856856
Step8

Cloudsmith requires that users are identified by a first and last name, so we'll need to configure JumpCloud to send those too. Under User Attributes click add attribute and enter first/last name exactly as follows:

23122312
Step9

Almost there, we need to check the box labelled Sign Assertion:

218218
Step10

Check the box labelled Declare redirect endpoint:

436436
Step11

And finally, choose an appropriate IdP URL, which must be unique in your account (cloudsmith is fine, unless you have more than one connector).

932932
Step12

Hit the green Activate button in the bottom right to complete your configuration:

570570
Step13

Your application is now configured on JumpCloud and you can add users and groups as required using the Users tab in the sidebar:

858858

Providing configuration to Cloudsmith

Once configured as above, you'll need to provide metadata to Cloudsmith to connect to your newly configured IdP.

At the bottom-right of the form, right beside the Activate button from the previous step you'll see an Export Metadata button. Click it and an XML file containing metadata will be downloaded:

752752

Take this file and add the XML contents to your SAML settings in your Cloudsmith organization.

All wrapped up!

The Cloudsmith application should now appear on the JumpCloud portal as normal:

602602

You can then enable SAML in your Cloudsmith SAML settings.

You'll be able to access the landing page of your organization at the following URL:
https://cloudsmith.io/orgs/ORG/saml/login/

Where ORG is your organization's slug/identifier (what you would normally see in the URL when accessing your organization within Cloudsmith). If you're not sure what this is, please just ask us.

If you have any feedback on our SAML functionality or features you wish we supported, please do let us know as it'll help inform our roadmap in future.


Did this page help you?

Cloudsmith is the new standard in Package / Artifact Management and Software Distribution

With support for all major package formats, you can trust us to manage your software supply chain.


Start My Free Trial Now
Cookie Declaration (Manage Cookies)