Configure JumpCloud + SAML for your Thinfinity RDP Server

How to configure JumpCloud + SAML for your Thinfinity® RDP Server for Thinfinity® Workspace

How to configure JumpCloud + SAML for your Thinfinity® RDP Server for Thinfinity® Workspace

This is a quick tutorial to integrate and configure JumpCloud with SAML for your Thinfinity® Workspace deployment. 

1) Enter your Jumpcloud MTP dashboard and enter the ‘Organizations’ tab on top and click ‘Launch’ in your organization below to enter the MTP portal.
Then, on the side panel, click on “SSO” and the plus icon afterward.

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 01

Click on “Create custom App” button:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 02

Create a Label for your app login:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 03

Click on SSO tab, and you will be able to set the SAML parameters:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 04

IDP Entity ID : https://sso.jumpcloud.com/saml2/saml2

  • SP Entity ID : https://MyThinfinityIP:[Port]/

ACS URL : https://MyThinfinityIP:[Port]/SAMLAssertionConsumerService

 

You can also customize the IDP url further below in that same screen, make sure you set the same URL in IDP Entity ID if you choose to do so:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 05

Click ‘Activate’ afterward.
2) In your ‘Thinfinity Workspace/VirtualUI’ manager, go to the ‘Authentication’ tab and add a SAML authentication method:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 06

You will need to fill the fields with the information matching the settings we set previously in Jumpcloud, remember the ‘Service Certificate File’ is created automatically in the route you choose (In our case “C:\temp\sp.pfx) and the ‘Partner Certificate File’ we need to download from the SAML provider, Jumpcloud in this case. 

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 07

3) Back in your Jumpcloud portal, go to SSO in the side panel and click your, now created, ‘App login’:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 08

Click on SSO and on the left panel you will be able to download the previously mentioned ‘Partner Certificate’:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 09

Make sure to save it and then declare it properly in your ‘Thinfinity Workspace/VirtualUI’ Manager:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 10

Now we need to create the user(s) in Jumpcloud that are able to access the app, go to ‘Users Group’ and click the + button:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 11

Create a user group with any name you wish, then go to the ‘Users’ tab and add whichever users you want to the group:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 12

Now, click the ‘Applications’ tab and select the ‘App’ access we just created to link it to the user group:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 13

5) Back on the ‘Thinfinity Workspace/VirtualUI’ Manager, click on the ‘Mappings’ tab, and press the first ‘Add’:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 14

The ‘Authentication ID Mask’ must match the user sent from JumpCloud, for example:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 15

Click ‘Ok’. You should now see the user in the ‘Authentication ID Mask’ list. Below, you’ll find different examples of how you can integrate it:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 16

Click on the user you added, and press on the second ‘Add’. The ‘Select Users or Group’ window will be displayed.

Here, you will map the ‘External’ user (the JumpCloud credentials) to an ‘Internal’ user (Windows user) , so that Thinfinity can specify which ‘Access Profile’ will be displayed to each ‘external’ user. (‘Permissions’ tab in the ‘Access Profile Editor’):

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 17

Click ‘Apply’.

6) Navigate to the Thinfinity URL, and you should see the new authentication method:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 18

If JumpCloud SAML is the only authentication method, then Thinfinity will redirect you directly to the JumpCloud login page:

Configure JumpCloud + SAML for your Thinfinity RDP Server, step 19

Get a Free Trial
Explore Thinfinity Workspace risk-free. Test our Cloud Management and RPAM features for enhanced security and control.

Have any questions?

Book a call today to learn more about how Thinfinity® can help your organization. We are always available to guide you and provide the best solution based on your specific needs.

Add Comment

Thinfinity_logo
Get a Demo
Experience how Universal ZTNA with Thinfinity integrates with VDI and DaaS for unmatched security and flexibility.
Thinfinity_logo

Get a Demo

Experience how Universal ZTNA with Thinfinity® integrates with VDI and DaaS for unmatched security and flexibility.

Blogs you might be interested in

<span>IAM</span>, <span>Identity Provider (IDP)</span>, <span>IT Admin</span>, <span>IT Security</span>, <span>JumpCloud</span>, <span>RBAC</span>, <span>RDP</span>, <span>SAML</span>, <span>Secure Access</span>, <span>Thinfinity Workspace</span>