# JumpCloud SSO

### Introduction

[JumpCloud](https://jumpcloud.com) provides an open directory platform unifying the technology stack across identity, access and device management, in a cost-effective manner that doesn't sacrifice security or functionality.

Organizations that use JumpCloud can enable Single Sign-on (SSO) between Paradime and their JumpCloud instance using OIDC. This page describes how to configure SSO between Paradime and JumpCloud.

### Create a new JumpCloud Application Integration

1. Login to the [JumpCloud Admin Portal](https://console.jumpcloud.com/) and navigate to the **SSO Applications** section and click on **"+ Add New Application"**<br>

   <div data-with-frame="true"><figure><img src="https://2337193041-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHET0AD04uHMgdeLAjptq%2Fuploads%2FDMDsYDwH6ZJJp0kQOUa3%2Fimage.png?alt=media&#x26;token=c8b2eddf-7ca4-45d3-bcf3-70ef68c89bfd" alt=""><figcaption><p>Add new SSO Application</p></figcaption></figure></div>

2. Select **Custom Application** in the list of applications an click **Next** in the bottom right.

<div data-with-frame="true"><figure><img src="https://2337193041-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHET0AD04uHMgdeLAjptq%2Fuploads%2F8pTT43vaXrRcv8OrCdNa%2FScreenshot%202026-01-06%20at%2017.23.38.png?alt=media&#x26;token=24e5f488-b964-45a6-b9c2-8ee0b3ebf9a7" alt=""><figcaption></figcaption></figure></div>

3. From the features list, you'd want to enable the **Manage Single Sign-On (SSO)** and select **Configure SSO with OIDC**. Then press Next to Continue

<div data-with-frame="true"><figure><img src="https://2337193041-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHET0AD04uHMgdeLAjptq%2Fuploads%2FzQf7FTkYIkTBdB8zMUZi%2FScreenshot%202026-01-06%20at%2017.24.17.png?alt=media&#x26;token=d25feafe-b6af-4971-a768-9a14c933cca5" alt=""><figcaption></figcaption></figure></div>

4. In the general info for the SSO application, enter the following details:

* Enter "**Paradime**" for the Display Label
* Select **Show application in User Portal**
* Add the Paradime Logo in the **User Portal Image**. You can download the paradime logo here [Paradime Logo](https://paradime.notion.site/Icon-purple-90c6f9527e1e4195b95a6f4595e6f15c).&#x20;

Click **Next** to continue.

<div data-with-frame="true"><figure><img src="https://2337193041-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHET0AD04uHMgdeLAjptq%2Fuploads%2F9ziR0RIPN3OZeGuVuARk%2FScreenshot%202026-01-06%20at%2017.26.37.png?alt=media&#x26;token=32070d73-46dd-4a49-9537-806205ba9cd1" alt=""><figcaption></figcaption></figure></div>

### Configure the JumpCloud Application

After creating the custom application, click on **Configure Application**.

<div data-with-frame="true"><figure><img src="https://2337193041-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHET0AD04uHMgdeLAjptq%2Fuploads%2F8g01WZXYSOfoRAfRUtpT%2FScreenshot%202026-01-06%20at%2017.26.43.png?alt=media&#x26;token=28aa4fca-b14c-4a18-8b94-d28010838352" alt=""><figcaption></figcaption></figure></div>

1. In the **Configuration Settings** enter the following details:
   * Make sure to select "Refresh Token" in the **Grant type**
   * In the **Redirect URI** section, enter the Redirect URI below based on the region where your Paradime account is hosted

<table><thead><tr><th width="209.93359375">Region</th><th>Redirect URI</th></tr></thead><tbody><tr><td>EU 🇪🇺</td><td> <code>https://account.paradime.io/login/callback</code></td></tr><tr><td>US 🇺🇸</td><td><code>https://account.us.paradime.io/login/callback</code> </td></tr></tbody></table>

* Set the **Client Authentication Type** to "Client Secret Post"
* Enter `https://app.paradime.io` in the **Login URL**

<div data-with-frame="true"><figure><img src="https://2337193041-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHET0AD04uHMgdeLAjptq%2Fuploads%2FSRuoUTTnvp0gFFDr2Ew5%2Fimage.png?alt=media&#x26;token=96c5529f-f97a-4542-b9a7-f5b831546d75" alt=""><figcaption></figcaption></figure></div>

2.In the **Attribute Mapping** **Settings** enter, make sure to enable "Email" and "Profile" in the Standard Scope Settings and click on **Activate** to complete the configuration.

<div data-with-frame="true"><figure><img src="https://2337193041-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHET0AD04uHMgdeLAjptq%2Fuploads%2FlDUO5niLjgEf21SIQ632%2FScreenshot%202026-01-06%20at%2017.27.58.png?alt=media&#x26;token=40df78d3-ef41-44e4-9a77-a7fb89336fe9" alt=""><figcaption></figcaption></figure></div>

{% hint style="info" %}
Once completed the configuration, you will be provided with a **Client ID** and **Client Secret.** Make sure to copy and save these in a safe place, as you wont be able to access these again.
{% endhint %}

{% hint style="danger" %}
Make sure you add all the users and user groups who need access to Paradime either individually or as a group added to the Paradime app in JumpCloud in the **User Groups** tab.
{% endhint %}

### Configuring Paradime to enable JumpCloud SSO[​](https://app.dev.paradime.io/_help/92e9662/sso-azure-ad#configuring-paradime-to-enable-azure-ad-sso) <a href="#configuring-paradime-to-enable-azure-a-d-sso" id="configuring-paradime-to-enable-azure-a-d-sso"></a>

Once the JumpCloud SSO Application is configured, reach out to the Paradime team at <support@paradime.io> and share the following information via a password manager like 1Password, Dashlane and similar.

* **Client ID**
* **Client Secret**

Paradime team will then create the SSO client and enable SSO on your company name and once confirmed, during login, users in your company will see a **Continue with JumpCloud** option.

{% hint style="success" %}
If you already have an existing Social login setup, then using the JumpCloud option, Paradime will automatically link your accounts and you can then use JumpCloud SSO for all future logins.
{% endhint %}