As organizations increase the number of applications within their on-premise network and through SaaS-based solution partners, having the assurance your employees can use one identity to gain secure access to the applications they need is critical. Employees gain simplicity and efficiency by having one username and password to access all of their business IT resources. Administrators improve management and security by centralizing control over the employee’s access to their assigned resources.
Web Application Authentication with SAML 2.0-based Single Sign-On
The cloud changed application development, deployment, and adoption forever. 10 years ago, applications were acquired and installed on-premise to manage key functions from contact management to email to finance management. SaaS applications remedied this legacy requirement of on-premise installation, lifting-and-shifting those resources to the cloud. Yet in order to combat identity silo situations, which were not a problem in the legacy on-premise world, the SAML specification was born to tie application authentication into identity providers who would authenticate and authorize the access via a browser to a web resource not in direct control of the organization. JumpCloud supports the SAML 2.0 protocol for a wide array of industry leading applications to ensure they are directly integrated with your core JumpCloud identities. We also offer a generic connector that can be used to set up SSO with nearly any SAML 2.0 app.
Legacy Application Authentication with LDAP-based Single Sign-On
For the past 30 years, LDAP has been the trusted authentication interface deployed by application vendors to tie applications to core directory services like OpenLDAP or Active Directory. These applications, both installed on-premise and many hosted as SaaS services, are still critical to an organization’s success as they control critical IT services (e.g. Jenkins) to ticketing and control systems (e.g. Atlassian Jira). JumpCloud’s cloud-based LDAP services ensure you have secure binding and authentication of your applications to your core directory in JumpCloud with no management overhead dealing with LDAP servers.
Group-based Application Access Control
JumpCloud’s group-based access controls enable administrators to associate the LDAP and SAML-based applications of their choice to the specific groups, enabling simple one click addition or removal of user access.
End User Access
Web-based application access can be leveraged through JumpCloud’s end user portal or on the application itself. For SaaS-based applications such as AWS, G Suite, Office 365, Salesforce and 100’s more, users simply gain access with one click from their portal. JumpCloud handles all of the authentication securely. Alternatively, users can also directly login to applications for service provider-initiated authentication. For applications leveraging LDAP, the application will automatically verify credentials with JumpCloud and enable the proper access based upon group membership.
Quick LinksWhat is Directory-as-a-Service?
Overview of our unified cloud directoryJumpCloud Resources Page
Videos, Tutorials, Analysis, & MoreCustomer Case Study: Ooyala
Going Global with Cloud LDAP & RADIUSThe Value of Directory Services
Read the whitepaperJumpCloud FAQ
Get answers to your questions
- SAML 2.0 for supported web-application providers.
- SAML SP and IdP-initiated authentication support.
- LDAP-as-a-Service for legacy/on-premise application and IT resource authentication.
- Group-based membership controls to enable or restrict resource access as needed.
- Easy administrative configuration and management of SAML and LDAP integration interfaces.
- Generic SAML Connector that allows integration with any application that supports SAML 2.0-based SSO.
- One identity for all application access.
- Single sign-on access to leading SaaS applications.
- Standards-based configuration (SAML 2.0, LDAP).
- Central control over what users can access.
- Tight security over application access.
Learn more about Application SSO in our Support Center documentation.