Who can use this?
Plan: Enterprise (only admins)
Managed from: Admin Dashboard
Other: IdP account admin privileges
This article describes how to set up Krisp SSO login with your Identity Provider (IdP). Single sign-on allows you to log in using your company credentials. Krisp's single sign-on (SSO) is based on SAML 2.0.
Check this article to learn more about how you can get started with Krisp SSO.
Krisp SSO Settings
First, go to your Admin Dashboard >>> Settings >>> Authentication. Check the Enable SSO box and click on SAML to open Configure SAML panel. You'll need this info in the further steps. Let's call this Krisp Settings.
Configuring JumpCloud with a custom app
To configure Krisp with JumpCloud, follow these steps:
- Go to your JumpCloud dashboard >>> SSO.
- Click on the + sign >>> Custom SAML app.
- You will now be on the General Info page.
Add a Display Label for your new application and optionally, add a logo.
- You will now be on the SSO page. Complete the following actions:
- IdP Entity ID: copy "Your team slug" value from Krisp settings to this field
- SP Entity ID: copy "Your team slug" value from Krisp settings to this field
- ACS URL: copy the "Reply URL (Assertion Consumer Service URL)" from Krisp Settings to this field
- Login URL: copy the "Single sign on URL" from Krisp Settings to this field
- IDP URL: specify the ending of the URL (ex: krispjumpcloud). Copy the URL to the "Identity provider single sign on URL" field in Krisp Settings
InfoNote that the IdP URL cannot be shared across applications and this URL is not editable after creation.
- Stay on the same page in JumpCloud. Scroll down to the Attributes section. Click add attribute. Specify the following values:
- Service Provider Attribute Name: email
- JumpCloudAttribute Name: email
- You will get the following notification:
Public Certificate has been created.
Download the certificate from the notification window.
You can also download the certificate by going to the newly created custom app >>> IDP Certificate Valid >>> Download certificate.
- Open the downloaded certificate and copy it to the X-509 certificate field in Krisp Settings.
- Copy "Your team slug" value from Krisp settings and copy it to the following fields:
- Audience URI in Krisp Settings
- Identity provider issuer in Krisp Settings
- Go back to the custom app >>> User Groups. Select the user group(s) you want to assign the application to.
Now your team members will be able to sign into their Krisp accounts by logging into their JumpCloud accounts using the Krisp team slug.