Integrating JumpCloud SAML SSO and SCIM with Dialpad

Logging into Dialpad is easy and secure with JumpCloud single sign-on (SSO).

Let's dive into the details.

Enable SAML in Dialpad

First things first, you'll need to enable SAML in Dialpad.

Head to your Admin Settings from Dialpad.com 

1. Select My Company 
2. Select Authentication
3. Select SAML
4. Navigate to Choose your provider 
5. Select Custom                              
6. Take note of the values for SP SSO Url (ACS) and SP Entity ID
   1. The values will differ based on the domain identifier of your company.
   2. Keep this tab open — we'll be revisiting this page after configuring SAML on JumpCloud.

Configure SAML SSO in JumpCloud

Now, its time to configure SAML SSO in Jumpcloud.

1. Login to JumpCloud as an admin
2. Select SSO 
3. Select the + icon to add a new application
4. Type Dialpad in the search bar
5. Select configure
   
6. Enter a Display Label, then select activate
   1. Select continue 
      
7. Click on the created application 
   
8. Navigate to the SSO tab 
9. Update the SP Entity ID and ACS URL attributes with the values obtained from the Dialpad SAML configuration 

   JumpCloud attribute to populate	Attribute name in Dialpad	Example Value
   SP Entity ID	SP Entity ID	https://dialpad.com/api/saml/metadata/custom/projectgemma.com
   ACS URL	SP SSO Url (ACS)	https://dialpad.com/saml/sso/custom/projectgemma.com

   
10. Select Save
11. Click on the created application again to continue
12. Navigate to the Attributes section within the SSO tab
13. Verify that the Service Provider Attribute Name email is mapped to the JumpCloud attribute name email
14. Click on the created application again to continue 
15. Under the SSO tab, you’ll need the following attributes (found in the table) from JumpCloud. 
    1. The values against these attributes shall be configured back in the Dialpad SAML configuration tab.

* The IDP certificate can be downloaded from the left pane in JumpCloud:

Configure SAML in Dialpad

Now, its time to populate the IdP attributes in Dialpad. 

Head to your Admin Settings from Dialpad.com 

1. Select My Company 
2. Select Authentication
3. Select SAML
4. Populate the IdP related attributes retrieved from the previous section (IdP Entity ID, IdP SSO URL and Certificate)
5. Select Save

Setting up SAML Users 

Now that SSO has been configured, its time to set up the users. 

1. In JumpCloud, login as an administrator
2. Select User Groups
3. Select the group for you'll be using with Dialpad
4. Navigate to the Applications tab and select/check the Dialpad SSO application. 
5. Log in to JumpCloud as any test user (picked from the above group) using another browser profile/session. 
   1. The Dialpad application should be listed under Applications
      
6. Next, using the same test user’s (non-admin) browser session, navigate to Dialpad Login in a different tab. 
7. Click on Login with Another Provider. Enter the domain of the user and click on Next. 
   1. After a few redirections, the user should now be logged in to Dialpad.

Enable automatic user provisioning

JumpCloud and Dialpad support a SCIM 2.0-based automatic user provisioning system. With the configuration in place, creating user accounts, updates, and deactivation will happen automatically.

Acquire an API Key from Dialpad

1. As a Dialpad administrator, navigate to Admin Settings > My Company > Authentication> API keys.
2. Click on Add key and generate a new API key for JumpCloud with the default scopes (already selected).
3. Save the key temporarily in a secure way. This will be required in the next section. 

Allow jumpcloud.com as a secondary domain for the company

For the SCIM integration to succeed, JumpCloud will try to create a test user with a @jumpcloud.com domain. This domain needs to be added as a secondary domain in the company CSR before proceeding further. Contact Dialpad Support to have this enabled.

Enable identity management in JumpCloud

To enable identity management in JumpCloud:

1. Login to JumpCloud as an admin
2. Select the previously created Dialpad SSO application
3. Navigate to the Identity Management tab
4. Under Configuration Settings, verify the SCIM Version is SCIM 2.0
5. Update the Base URL to have the value as https://dialpad.com/scim
6. For the Token Key attribute, use the API key generated in the previous section
7. Click on Test Connection. Once it succeeds, the Group Management section becomes available
8. Turn OFF group management and then click on activate. JumpCloud will perform a user creation/deletion test. Once the test succeeds, the integration is complete
9. Select save