JumpCloud
Configure SSO on CoreWeave with JumpCloud
To configure CoreWeave SSO using JumpCloud as your identity provider, first create a new SSO configuration on CoreWeave.
On the configuration screen, select JumpCloud from the Your IDP drop-down menu.
It's recommended to keep the CoreWeave Cloud window open so that you may reference the values provided by CoreWeave during this configuration.
Create a JumpCloud Single Sign-On configuration
From your JumpCloud admin dashboard, navigate to the SSO page. From here, navigate to User Authentication > SSO to set up the configuration.
The IdP Entity ID field refers to the identity provider's entity ID. Take this value and input it into the Entity ID provided by the IDP field in the CoreWeave Cloud SSO configuration module.
The SP Entity ID field refers to the service provider's entity ID. This can be found in the CoreWeave Cloud SSO configuration module, and can be copy-pasted from there into the JumpCloud field.
Neither the IdP Private Key nor the IdP Certificate need to be adjusted - leave these alone.
Next, in the ACS URL field, enter the ACS URL provided in the CoreWeave Cloud's SAML SSO modal. Ignore the Replace SP Certificate button.
The following fields - SAMLSubject NameID, SAMLSubject NameID Format, and Signature Algorithm, should match the following values to properly format the user attributes:
Field name | Field value |
---|---|
SAMLSubject NameID | email |
SAMLSubject NameID Format | urn:oasis:name:tc:SAML:1.1:nameid-format:unspecified |
Signature Algorithm | RSA-SHA256 |
Leave the Sign Assertion checkbox unchecked.
The IDP URL field will contain some value equivalent to https://sso.jumpcloud.com/saml2/saml2
.
User attributes
Under the IDP URL field in the Attributes section are several fields for Attributes. The given JumpCloud attributes should match the following formats:
Service Provider Attribute Name | JumpCloud Attribute Name |
---|---|
first_name | firstname |
last_name | lastname |
email | |
login | email |
The email
attribute is what uniquely identifies users.
Entity certificate
To acquire and provide the SSO certificate from JumpCloud to CoreWeave, first locate the certificate status field on the left-hand side of the JumpCloud SSO configuration modal. Click the small triangle to the right of the certificate status, then select Download certificate. An XML file will download, which contains the body of the x.509 certificate.
To provide the certificate body to CoreWeave's SSO configuration, open this file, locate the certificate body within the XML file, and copy it to your clipboard. Then, paste it into the X.509 Certificate provided by IDP field in the SAML SSO configuration modal.
For more information about configuring SSO on JumpCloud, see JumpCloud's Getting Started: Applications (SAML SSO). For more information on JumpCloud certificate and key management, refer to Managing Application IDP Certificate and Key Pairs.