One of the SAML providers you can use is JumpCloud.
In order to get started with JumpCloud, you will need:
- Jumpcloud account with admin permissions.
- All users are provisioned in Jumpcloud with the same exact email address. We don't create new user accounts with SSO.
- Administrator level access in Hudu.
Configuring JumpCloud
- Go to the JumpCloud Admin -> SSO -> +
- At the bottom of the panel, click Can't Find an Application -> Custom SAML App
- In General Info, give the app a name and an optional description
- In the SSO tab, Enter the following in the fields:
- IdP Entity ID: Enter your Hudu URL, e.g. https://docs.mywebsite.com
- SP Identity ID: Enter your Hudu URL, e.g. https://docs.mywebsite.com
- ACS URL: Enter
https://docs.mywebsite.com/saml/consume
- Sign on URL: Enter
https://docs.mywebsite.com
- Default Relay State: You can skip filling this in.
- SAMLSubject NameID: Email
- Signature Algorithm: RSA-SHA1
- SAMLSubject NameID Format: Choose EmailAddress
- Logout URL: Enter a URL where Hudu can redirect users after they sign out.
- Make sure to replace docs.mywebsite.com with your URL and subdomain. There is also no trailing slash at the end of the URL.
- Assign a user group with users that have MATCHING emails in Hudu.
Configuring the Fingerprint
- In order to get the fingerprint, go to https://developers.onelogin.com/saml/online-tools/x509-certs/calculate-fingerprint.
- Paste in the certificate from the Setup Instructions.
- Use sha1 as the algorithm.
- Copy the fingerprint. It should look like:
b909502ee82ae32433e6f83886b11d4277a32a7a
Configuring Hudu
- SAML Issuer URL: Needs to be the exact same as the IDP Identity ID you configured in Jumpcloud
- SAML Login and Logout - Copy the IDP URL from JumpCloud and paste in both
- SAML Fingerprint - Grabbed from the previous step
- SAML Certificate - Download from Jumpcloud and paste in. Make sure there is no extra spaces.