JumpCloud’s Enterprise Portal (EP) centralizes the control and management of Organizations from one dashboard. This enables admins to control all of their organizations efficiently, from a single, browser-based portal. EP Admins can view top-level data for all of their managed orgs at-a-glance. They can also securely launch full management sessions from the EP for any org they administer.
Single Sign On (SSO) gives your Organization's users convenient but secure access to all their web applications with a single set of credentials.
Prerequisites
- A user account with appropriate permissions in the SP
- Any SP specific information, like an org ID, IdP URL, etc.
Terminology:
- Enterprise Portal: Portal where you manage settings for multiple organizations under one Enterprise Configuration. Differs from the JumpCloud Admin Portal, which is for one organization
- Organizations: These are the managed sub-organizations
Creating the Enterprise-Level SSO Application
To create a new JumpCloud Enterprise application
- Log in to your EP.
- Select the Configurations tab and click +New.
- Click + Add New Application (or Get Started if this is your first application) and select:
- Prebuilt application:
- Type <Your Application Name> in the Search field and select it
- Custom SAML application:
- Click Select on the Custom Application tile, OR
- Search for Custom SAML App and select it
- Select Manage Single Sign-On (SSO) > Configure SSO with SAML
- OIDC application:
- Click Select on the Custom Application tile, OR
- Search for OIDC and select it
- Select Manage Single Sign-On (SSO) > Configure SSO with OIDC
- Prebuilt application:
- Click Next.
- In the Display Label, type your name for the application.
- Optionally, customize the display label, description and how the application displays:
- Description - add a description that users will see in their user portal
- User Portal Image - choose Logo or Color Indicator
- Show in User Portal - enable to show the application tile in your organization's user portal
- If needed, customize the IdP URL:
- Expand Advanced Settings and enter the name you want to use for the end of the SSO IdP URL, https://sso.jumpcloud.com/saml2/<applicationname>
The SSO IdP URL is not editable after the application is created. You will have to delete and recreate the connector if you need to edit this field at a later time.
- Click Save Application.
- If successful, click:
- Configure Application and and go to the next section
- Close to configure your new application at a later time
To configure the SSO integration
Users must be added before any changes can be made to the SSO configuration, like attribute mappings.
SAML configuration guides for each of the application service providers supported by JumpCloud can be found in the Integrations & Applications section of the JumpCloud Help Center. Find a specific SSO configuration guide by searching for an application's name in the search bar at the top of the page.
Sharing Enterprise-Level Applications
- Log in to your EP.
- Go to the Configurations tab and select the Applications pill.

- Click on the name of the application and the Share Configuration aside will appear.
- Select the Organization(s) you would like to share the application with.
- Click Save.
Managing Access to Enterprise-Level Configurations
To manage user/group access
- Log in to your EP.
- Go to the Organizations tab and then click Launch next to the organization that contains the users you want to manage.
- In the Left Nav, go to Access > SSO Applications.
- Find and select your SSO Application.
- Go to the User Groups or Users tab.
- There are two options:
- Select the checkbox next to the user groups or users you want to give access
- Deselect the checkbox next to the user groups or users you want to remove access
- Click Save.
To manage org access
- Log in to your EP.
- Go to the Configurations tab and select the appropriate pill (Applications, Active Directory or Cloud Directories).

- Click on the name of the configuration.
- There are two options:
- Select the box next to the organizations where you want the configuration to be available
- Deselect the box next to the organizations where the configuration should no longer be available
- Click Save.