You can choose to enforce SAML SSO for Ally with Jumpcloud for added security. Once set up, users in your organization can use their managed Jumpcloud account credentials to sign in to Ally via Single Sign-On (SSO).

To connect your SSO to your instance of Ally, please follow the instructions listed here: Steps to setup SSO

After you have enabled SSO within Ally, the next step is to create an Ally App within Jumpcloud:

  1. Login to Jumpcloud as an Admin
  2. Select "Applications" and "Configure New Application" (Green plus sign)
  3. Select "Custom SAML App"

Enter the following information into the configuration fields:

General Info:

  1. Display Label: (Or other name you would like to appear for the app)
  2. Description: Optional- brief summary of what the app is
  3. Display Option: Select a logo file or a color indicator to represent the app

Single Sign-On Configuration:

  1. IDP Entity ID: Copy the SAML name from Ally
  2. SP Entity ID: Copy the SAML name from Ally
  3. ACS URL: Copy the SAML name from Ally
  4. SP Certificate: Leave as default (Empty)
  5. SAML Subject NameID: email
  6. SAML Subject NameID Format: Leave as default
  7. Signature Algorithm: Leave as default
  8. Sign Assertion: Check this box
  9. Default RelayState: Leave as default
  10. IdP-Initiated URL: Leave as default
  11. Declare Redirect Endpoint: Check this box
  12. IDP URL: Leave as default
  13. Attributes: Case sensitive

Once all fields have been filled out, select "save."

Update the following fields in the Ally SSO Integration by copying them from Jumpcloud:

  • SAML 2.0 Endpoint URL: IDP URL
  • Identity Provider Issuer URL: IDP Entity ID
  • Public (X.509) Certificate: IDP Certificate Valid

Did this answer your question?