Integrating JumpCloud SAML SSO and SCIM with Dialpad

Single sign-on (SSO) makes logging into Dialpad easy and convenient. By configuring and enabling this integration, you can log in to Dialpad using SAML-based SSO after you've been authenticated by JumpCloud.

The steps below use an example domain called projectgemma.com. Wherever applicable, this value should be substituted with the proper domain identifier for your company.

Enabling SAML in Dialpad

1. Log into Dialpad and click on Admin Settings. Next, select My Company from the drop down on top of the screen and click on Authentication on the left pane. Under Authentication, click on SAML. 

2. On the SAML configuration page, click on dropdown menu for Choose your provider and select Custom. You should see a page that looks similar to the image below. Take note of the values for SP SSO Url (ACS) and SP Entity ID. The values will differ based on the domain identifier of your company.

image8.png

3. Be sure to keep this tab open — we'll be revisiting this page after configuring SAML on JumpCloud.

Configuring SAML SSO in JumpCloud

  1. Login to JumpCloud as an admin.
  2. In the left pane, click on SSO and click on the + icon to add a new application.
  3. In the Search bar, type Dialpad and when the result is shown click on configure.image13.png
  4. Provide a relevant name under the Display Label and click on activate. Select continue on the confirmation pop-up.image7.png
  5. Click on the created application to continue with its configuration.image2.png
  6. Navigate to the SSO tab and update the SP Entity ID and ACS URL attributes with the values obtained from the Dialpad SAML configuration we had left open in the previous section. Then, click on Save.

    JumpCloud attribute to populate

    Attribute name in Dialpad

    Example Value

    SP Entity ID

    SP Entity ID

    https://dialpad.com/api/saml/metadata/custom/projectgemma.com

    ACS URL

    SP SSO Url (ACS)

    https://dialpad.com/saml/sso/custom/projectgemma.com

    image.png
  7. Click on the created application again to continue with its configuration. Under the SSO tab, under the Attributes section, verify that the Service Provider Attribute Name email is mapped to the JumpCloud attribute name email.
  8. Click on the created application again to continue with its configuration. Under the SSO tab, we’ll need the following attributes (found in the table) from JumpCloud. The values against these attributes shall be configured back in the Dialpad SAML configuration tab which had been opened in the previous section.

Dialpad Attribute to populate

JumpCloud attribute to use

Example value

IdP Entity ID (Issuer)

IdP Entity ID

JumpCloud

IdP SSO URL

IDP URL

https://sso.jumpcloud.com/saml2/dialpad

Certificate

IDP Certificate*

Downloaded pem file (without the BEGIN and END tags)

* The IDP certificate can be downloaded from the left pane in JumpCloud:

image8.png

Configuring SAML back in Dialpad

  1. Now, back in the Dialpad SAML configuration page, populate the IdP related attributes retrieved from the previous section (IdP Entity ID, IdP SSO URL and Certificate) and click on Save.

image3.png

Setting up users for login via SAML

  1. In JumpCloud, login as an administrator. On the left pane, click on User Groups. Select the group for which the Dialpad application needs to be associated with. Navigate to the Applications tab and select/check the Dialpad SSO application. The result looks like this:image4.png
  2. Log in to JumpCloud as any test user (picked from the above group) using another browser profile/session. The Dialpad application should be listed under Applications, as shown below:image12.png
  3. Next, using the same test user’s (non-admin) browser session, navigate to Dialpad Login in a different tab. Click on Login with Another Provider. Enter the domain of the user and click on Next. After a few redirections, the user should now be logged in to Dialpad.image6.png

Enabling automatic user provisioning

JumpCloud and Dialpad support a SCIM 2.0-based automatic user provisioning system. With the configuration in place, creating user accounts, updates, and deactivation will happen automatically.

Acquire an API Key from Dialpad

  1. As a Dialpad administrator, navigate to Admin Settings > My Company > Authentication> API keys.
  2. Click on Add key and generate a new API key for JumpCloud with the default scopes (already selected).
  3. Save the key temporarily in a secure way. This will be required in the next section. 

Allow jumpcloud.com as a secondary domain for the company

For the SCIM integration to succeed, JumpCloud will try to create a test user with a @jumpcloud.com domain. This domain needs to be added as a secondary domain in the company CSR before proceeding further. Contact Dialpad Support to have this enabled.

Enabling identity management in JumpCloud

  1. Login to JumpCloud as an admin.
  2. Select the previously created Dialpad SSO application and navigate to the Identity Management tab.
  3. Under Configuration Settings, verify the SCIM Version is SCIM 2.0 and update the Base URL to have the value as https://dialpad.com/scim.
  4. For the Token Key attribute, use the API key generated in the previous section.
  5. Click on Test Connection. Once it succeeds, the Group Management section becomes available.image9.pngimage1.png
  6. Turn OFF group management and then click on activate. JumpCloud will perform a user creation/deletion test. Once the test succeeds, the integration is complete. Click on save.

Was this article helpful?

/