Skip to content

Set up JumpCloud SSO/SCIM#

Lens paid subscription feature

Info

This feature requires a paid subscription. Please visit the pricing page or contact the sales team for details.

Lens ID supports integration with various identity and access management services. As a Lens Business ID administrator, you can configure both the SSO authentication and SCIM provisioning.

On this page, you can find instructions on integration with the JumpCloud platform. You can create an application and configure both SSO and SCIM by associating the JumpCloud application with the Lens Business ID. For details, see the JumpCloud official website.

Prerequisites#

Administrator accounts:

  • JumpCloud
  • Lens Business ID

Create an application#

To create a Lens ID SSO application in the JumpCloud directory platform:

  1. From the JumpCloud administrator directory, navigate to SSO Applications and click Add New Application above the list of applications.
  2. Select Custom Application and then click Next.
  3. Mark one or several options from the list and click Next.

  4. In the Display Label input field, type the application name and click Save Application.

    Note

    For clarity purposes, we recommend using the value of the Business ID field in the Profile section of your Lens Business ID.

  5. Optional. Click Configure Application to proceed to the application configuration process.

Set up SSO#

  1. In the application profile, navigate to the SSO tab.

  2. Transfer the following URLs from Lens Business ID > Authentication to the JumpCloud SSO configuration:

    Copy from Lens Business ID Paste to JumpCloud Comment
    Service Provider Entity ID SP Entity ID A URL that identifies Lens as a service provider
    Assertion Consumer Service URL Default URL Default endpoint where JumpCloud sends SAML responses

  3. Transfer the following URLs from the JumpCloud SSO configuration to Lens Business ID > Authentication:

    JumpCloud Lens Business ID Comment
    IdP Entity ID Identity Provider Entity ID Set the same value as in IDP URL
    IDP URL SSO Service URL A URL that identifies JumpCloud as an identity provider

Set up SCIM#

  1. As JumpCloud administrator, select the application from the list.

  2. In the application configuration menu, select the Identity Management tab and specify the parameters as follows:

    Option Recommended value Comment
    API Type SCIM
    SCIM Version SCIM 2.0
    Base URL Base URL Find this value in Lens Business ID > Authentication > Base URL
    Test User Email test@test.com You can use any value of the email address format

  3. Test the application functioning by clicking Test Connection.

  4. Disable the Enable management of User Groups and Group Membership in this application flag.
  5. Click Activate in the header of the configuration menu and then click Save.

Add a new user group#

Create a group of users to be synchronized with your Lens Business ID:

  1. From the JumpCloud administrator account, navigate to User Groups.
  2. Click the plus button in the top bar.
  3. On the Details tab of the group configuration menu, specify the group name and other additional parameters.
  4. On the Users tab, specify the members of the group.
  5. On the Applications tab, select the application needed.
  6. Click Save.

Add users to the application#

  1. From the JumpCloud administrator account, navigate to SSO Applications.
  2. Select the user group and, in the group profile, open the User Groups tab.
  3. Select the group needed and click Save.

Adding user accounts to the application synchronizes them with the Lens Business ID. If there is an available subscription seat, a user gets automatically assigned to it. You can remove the user from the Lens Business ID and unassign the subscription seat through the JumpCloud administrator account. To do so, suspend the user account from the corresponding application.