- 14 Sep 2023
- 3 Minutes to read
- Print
- DarkLight
- PDF
Integrating JumpCloud SAML SSO and SCIM with Dialpad
- Updated on 14 Sep 2023
- 3 Minutes to read
- Print
- DarkLight
- PDF
Logging into Dialpad is easy and secure with JumpCloud single sign-on (SSO).
Let's dive into the details.
Enable SAML in Dialpad
First things first, you'll need to enable SAML in Dialpad.
Head to your Admin Settings from Dialpad.com
- Select My Company
- Select Authentication
- Select SAML
- Navigate to Choose your provider
- Select Custom
- Take note of the values for SP SSO Url (ACS) and SP Entity ID
- The values will differ based on the domain identifier of your company.
- Keep this tab open — we'll be revisiting this page after configuring SAML on JumpCloud.
Configure SAML SSO in JumpCloud
Now, its time to configure SAML SSO in Jumpcloud.
- Login to JumpCloud as an admin
- Select SSO
- Select the + icon to add a new application
- Type Dialpad in the search bar
- Select configure
- Enter a Display Label, then select activate
- Select continue
- Select continue
- Click on the created application
- Navigate to the SSO tab
- Update the SP Entity ID and ACS URL attributes with the values obtained from the Dialpad SAML configuration
JumpCloud attribute to populate
Attribute name in Dialpad
Example Value
SP Entity ID
SP Entity ID
https://dialpad.com/api/saml/metadata/custom/projectgemma.com
ACS URL
SP SSO Url (ACS)
https://dialpad.com/saml/sso/custom/projectgemma.com
- Select Save
- Click on the created application again to continue
- Navigate to the Attributes section within the SSO tab
- Verify that the Service Provider Attribute Name email is mapped to the JumpCloud attribute name email
- Click on the created application again to continue
- Under the SSO tab, you’ll need the following attributes (found in the table) from JumpCloud.
- The values against these attributes shall be configured back in the Dialpad SAML configuration tab.
Dialpad Attribute to populate | JumpCloud attribute to use | Example value |
---|---|---|
IdP Entity ID (Issuer) | IdP Entity ID | JumpCloud |
IdP SSO URL | IDP URL | https://sso.jumpcloud.com/saml2/dialpad |
Certificate | IDP Certificate* | Downloaded pem file (without the BEGIN and END tags) |
* The IDP certificate can be downloaded from the left pane in JumpCloud:
Configure SAML in Dialpad
Now, its time to populate the IdP attributes in Dialpad.
Head to your Admin Settings from Dialpad.com
- Select My Company
- Select Authentication
- Select SAML
- Populate the IdP related attributes retrieved from the previous section (IdP Entity ID, IdP SSO URL and Certificate)
- Select Save
Setting up SAML Users
Now that SSO has been configured, its time to set up the users.
- In JumpCloud, login as an administrator
- Select User Groups
- Select the group for you'll be using with Dialpad
- Navigate to the Applications tab and select/check the Dialpad SSO application.
- Log in to JumpCloud as any test user (picked from the above group) using another browser profile/session.
- The Dialpad application should be listed under Applications
- The Dialpad application should be listed under Applications
- Next, using the same test user’s (non-admin) browser session, navigate to Dialpad Login in a different tab.
- Click on Login with Another Provider. Enter the domain of the user and click on Next.
- After a few redirections, the user should now be logged in to Dialpad.
- After a few redirections, the user should now be logged in to Dialpad.
Enable automatic user provisioning
JumpCloud and Dialpad support a SCIM 2.0-based automatic user provisioning system. With the configuration in place, creating user accounts, updates, and deactivation will happen automatically.
Acquire an API Key from Dialpad
- As a Dialpad administrator, navigate to Admin Settings > My Company > Authentication> API keys.
- Click on Add key and generate a new API key for JumpCloud with the default scopes (already selected).
- Save the key temporarily in a secure way. This will be required in the next section.
Allow jumpcloud.com as a secondary domain for the company
For the SCIM integration to succeed, JumpCloud will try to create a test user with a @jumpcloud.com domain. This domain needs to be added as a secondary domain in the company CSR before proceeding further. Contact Dialpad Support to have this enabled.
Enable identity management in JumpCloud
To enable identity management in JumpCloud:
- Login to JumpCloud as an admin
- Select the previously created Dialpad SSO application
- Navigate to the Identity Management tab
- Under Configuration Settings, verify the SCIM Version is SCIM 2.0
- Update the Base URL to have the value as https://dialpad.com/scim
- For the Token Key attribute, use the API key generated in the previous section
- Click on Test Connection. Once it succeeds, the Group Management section becomes available
- Turn OFF group management and then click on activate. JumpCloud will perform a user creation/deletion test. Once the test succeeds, the integration is complete
- Select save