# JumpCloud SSO

### Introduction

[JumpCloud](https://jumpcloud.com) provides an open directory platform unifying the technology stack across identity, access and device management, in a cost-effective manner that doesn't sacrifice security or functionality.

Organizations that use JumpCloud can enable Single Sign-on (SSO) between Paradime and their JumpCloud instance using OIDC. This page describes how to configure SSO between Paradime and JumpCloud.

### Create a new JumpCloud Application Integration

1. Login to the [JumpCloud Admin Portal](https://console.jumpcloud.com/) and navigate to the **SSO Applications** section and click on **"+ Add New Application"**<br>

   <div data-with-frame="true"><figure><img src="/files/qecZYXhq9P1I5zQ3HoSp" alt=""><figcaption><p>Add new SSO Application</p></figcaption></figure></div>
2. Select **Custom Application** in the list of applications an click **Next** in the bottom right.

<div data-with-frame="true"><figure><img src="/files/kpcrbwTK1jbjsXJDXHlM" alt=""><figcaption></figcaption></figure></div>

3. From the features list, you'd want to enable the **Manage Single Sign-On (SSO)** and select **Configure SSO with OIDC**. Then press Next to Continue

<div data-with-frame="true"><figure><img src="/files/Dy9ACKLVWtU9ZHQ0DOIM" alt=""><figcaption></figcaption></figure></div>

4. In the general info for the SSO application, enter the following details:

* Enter "**Paradime**" for the Display Label
* Select **Show application in User Portal**
* Add the Paradime Logo in the **User Portal Image**. You can download the paradime logo here [Paradime Logo](https://paradime.notion.site/Icon-purple-90c6f9527e1e4195b95a6f4595e6f15c).

Click **Next** to continue.

<div data-with-frame="true"><figure><img src="/files/VydsyzWDBW9c826Tn0cJ" alt=""><figcaption></figcaption></figure></div>

### Configure the JumpCloud Application

After creating the custom application, click on **Configure Application**.

<div data-with-frame="true"><figure><img src="/files/5nAJkaoQ9QMyUjflHZgp" alt=""><figcaption></figcaption></figure></div>

1. In the **Configuration Settings** enter the following details:
   * Make sure to select "Refresh Token" in the **Grant type**
   * In the **Redirect URI** section, enter the Redirect URI below based on the region where your Paradime account is hosted

<table><thead><tr><th width="209.93359375">Region</th><th>Redirect URI</th></tr></thead><tbody><tr><td>EU 🇪🇺</td><td><code>https://account.paradime.io/login/callback</code></td></tr><tr><td>US 🇺🇸</td><td><code>https://account.us.paradime.io/login/callback</code></td></tr></tbody></table>

* Set the **Client Authentication Type** to "Client Secret Post"
* Enter `https://app.paradime.io` in the **Login URL**

<div data-with-frame="true"><figure><img src="/files/bVJyKPFLyqHaVxTgf2h3" alt=""><figcaption></figcaption></figure></div>

2.In the **Attribute Mapping** **Settings** enter, make sure to enable "Email" and "Profile" in the Standard Scope Settings and click on **Activate** to complete the configuration.

<div data-with-frame="true"><figure><img src="/files/P0NvCFSmvSmiGFWo2GKz" alt=""><figcaption></figcaption></figure></div>

{% hint style="info" %}
Once completed the configuration, you will be provided with a **Client ID** and **Client Secret.** Make sure to copy and save these in a safe place, as you wont be able to access these again.
{% endhint %}

{% hint style="danger" %}
Make sure you add all the users and user groups who need access to Paradime either individually or as a group added to the Paradime app in JumpCloud in the **User Groups** tab.
{% endhint %}

### Configuring Paradime to enable JumpCloud SSO[​](https://app.dev.paradime.io/_help/92e9662/sso-azure-ad#configuring-paradime-to-enable-azure-ad-sso) <a href="#configuring-paradime-to-enable-azure-a-d-sso" id="configuring-paradime-to-enable-azure-a-d-sso"></a>

Once the JumpCloud SSO Application is configured, reach out to the Paradime team at <support@paradime.io> and share the following information via a password manager like 1Password, Dashlane and similar.

* **Client ID**
* **Client Secret**

Paradime team will then create the SSO client and enable SSO on your company name and once confirmed, during login, users in your company will see a **Continue with JumpCloud** option.

{% hint style="success" %}
If you already have an existing Social login setup, then using the JumpCloud option, Paradime will automatically link your accounts and you can then use JumpCloud SSO for all future logins.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.paradime.io/app-help/documentation/security/single-sign-on/jumpcloud-sso.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.