You can choose to enforce SAML SSO for Ally with Jumpcloud for added security. Once set up, users in your organization can use their managed Jumpcloud account credentials to sign in to Ally via Single Sign-On (SSO).
To connect your SSO to your instance of Ally, please follow the instructions listed here: Steps to setup SSO
After you have enabled SSO within Ally, the next step is to create an Ally App within Jumpcloud:
- Login to Jumpcloud as an Admin
- Select "Applications" and "Configure New Application" (Green plus sign)
- Select "Custom SAML App"
Enter the following information into the configuration fields:
General Info:
- Display Label: Ally.io (Or other name you would like to appear for the app)
- Description: Optional- brief summary of what the app is
- Display Option: Select a logo file or a color indicator to represent the app
Single Sign-On Configuration:
- IDP Entity ID: Copy the SAML name from Ally
- SP Entity ID: Copy the SAML name from Ally
- ACS URL: Copy the SAML name from Ally
- SP Certificate: Leave as default (Empty)
- SAML Subject NameID: email
- SAML Subject NameID Format: Leave as default
- Signature Algorithm: Leave as default
- Sign Assertion: Check this box
- Default RelayState: Leave as default
- IdP-Initiated URL: Leave as default
- Declare Redirect Endpoint: Check this box
- IDP URL: Leave as default
- Attributes: Case sensitive
Once all fields have been filled out, select "save."
Update the following fields in the Ally SSO Integration by copying them from Jumpcloud:
- SAML 2.0 Endpoint URL: IDP URL
- Identity Provider Issuer URL: IDP Entity ID
- Public (X.509) Certificate: IDP Certificate Valid