Author: Jenna Zwick
Date: 01/22/2024
Audience: Everyone
Environment: Jama Connect® Cloud customers already use Google as their Auth0 identity provider (IdP) for SSO.
Introduction:
This guide provides step-by-step instructions for configuring Single Sign-On (SSO) for Jama Connect using Google as the Identity Provider (IdP). This setup is intended for Jama Connect Cloud users who wish to implement a Custom SAML web application for authentication and electronic signatures.
Prerequisites:
Before beginning, ensure you have:
- Admin access to your Google domain via admin.google.com.
- A Jama Connect Cloud instance that is ready for SSO integration.
Configuration Steps:
- Initial Setup:
  - Log in to your Google Admin console (admin.google.com) with domain administrator privileges.
  - Contact Jama Connect Support to get your ACS URL, EntityID, and any other information you need to configure so that Jama Connect matches your users by email address.
- Creating SAML Applications:
  - In the Google Admin console, navigate to Apps > Web and Mobile apps.
  - Select Add App and click Add Custom SAML app.
  - Follow the wizard to create two SAML applications: one for Jama Connect authentication (auth) and another for Jama Connect electronic signatures (eSig).
- Configuring SAML Applications:
  - For each application, configure the SAML settings as follows:
    - ACS URL: Obtain this from your Jama Connect support team.
    - Entity ID: Typically, the URL of your Jama Connect instance.
    - Name ID: Set as Primary Email.
    - Attribute Mapping: Map the user attributes Jama Connect requires, such as First Name, Last Name, and Email. (Often user.first name, user.last name and user.mail, but this may vary.)
  - Download the metadata XML for each application and save the files for the next step.
- Integrating with Jama Connect:
  - Contact Jama Connect support to provide the downloaded metadata XML files.
  - Schedule a support session to apply the metadata to your Jama Connect instance and verify the integration. Ensure you have someone available who can access both the Google domain settings and Jama Connect during the session.
- Testing the Integration:
  - Once the integration is applied, test the SSO functionality by attempting to log in to Jama Connect using the Google credentials.
  - Use an incognito browser session to avoid caching issues and ensure you can access Jama Connect successfully.
  - Verify the SSL certificate by clicking the lock icon in the browser's address bar and checking the certificate details. Ensure the certificate is valid and up-to-date.
- Finalizing Setup:
  - Confirm with Jama Connect support that the SSO setup is complete and functioning as expected before ending the meeting.
  - Document the setup process internally for future reference and onboarding.
Conclusion:
By following these steps, you can successfully set up SSO for Jama Connect using Google as your IdP. This integration enhances security by centralizing user authentication and simplifying the login process for Jama Connect users.
Additional Resources:
For further assistance or troubleshooting, please contact Jama Connect support or refer to Google's documentation on SAML app integration.
To update the SSL certificate when it's about to expire (typically 1-4 years), please see Updating Your SSO SSL Certificate with Google as Your Auth0 Identity Provider (IdP).