Single Sign-On (SSO) through JumpCloud OIDC

Learn how to set up Single Sign-On (SSO) with Debricked through JumpCloud OIDC.

This feature is currently only available for SCA Enterprise customers.

This article details how to configure JumpCloud OIDC as the primary Identity Provider to facilitate SSO with Debricked. For details regarding integration with other Identity Providers, see Single Sign-On (SSO).

Adding a new application

  1. In your JumpCloud Admin Portal, click on SSO under “User Authentication” in the sidebar.

  2. From here click on + Add new application at the top of the page

  3. Once the applications modal is open, click on Custom OIDC App to start setting up the Debricked integration.

Configuring the Debricked app

After clicking on Custom OIDC App you will be asked to name the new application. We suggest you give it an easily recognizable name, e.g. “Debricked” or “Debricked SSO”.

Select the SSO tab and complete the configuration:

  1. In the Redirect URIs input set: *https://debricked.com/app/sso/oidc/auth*

  2. The Client Authentication Type should be set to “Client Secret Basic”

  3. Set the Login URL to: *https://debricked.com/app/sso/oidc/login*

  4. Add three parameters to the Attribute Mapping section to enable Debricked to fetch the necessary user data. On the left you can find the attribute names (make sure they are spelled correctly!) and on the right the corresponding JumpCloud name. The mapping is as follows:

  • email → email

  • given_name → firstname

  • family_name → lastname

Now that everything is set up you can click on Activate at the bottom right of the page to save the application.

JumpCloud will now present you with the ClientID and Client Secret which you will need to send to our support team to complete the integration.

Communicating the data with Debricked

To complete the integration we will require the following the following information::

  • Issuer URL (the URL used to fetch OIDC information)

  • Email Domains (the email domains which will be designated to your organization)

  • Client ID (identifier of the Debricked integration)

  • Client secret (secret to authorize the integration, also provided when installing the integration in your IdP)

You can forward it to us by either:

  • getting in touch with our support team at support@debricked.com

  • submitting the configuration data through an API endpoint at https://debricked.com/api/1.0/open/sso/oidc/request

Adding users

Note that in order for your users to be able to use this application you will need to assign them to the new application you have created. To do so, simply click on the Debricked application from your JumpCloud Admin Portal and go to the User Groups tab, from here you will be able to assign user groups to this application:

Once your users are added they can direct log in from https://debricked.com/app/sso/login . You can also invite them from Debricked (keep in mind that they must be assigned to the application on your vendor side) from your Admin Tools. This invite will be a special SSO invite, which will redirect them to your Identity Provider and let them log in to Debricked.

Testing the set up

Once your integration has been added to your enterprise account, you can enable it in the Debricked web tool by visiting the User Permissions tab in Admin Tools.

Head over to https://debricked.com/app/sso/login, input the enterprise email (the same email domain which you submitted before), you should be redirected to your Identity Provider and be able to authenticate. After logging in you will be redirected and logged in to Debricked as well.

Last updated