I. Prerequisites

• Jumpcloud account with administrative access.
• Thinfinity Workspace installed and accessible.
  

II. Configuring Jumpcloud

Create a Jumpcloud Application for Thinfinity Workspace

• First, log into your Jumpcloud dashboard or create a new account if necessary.
• Go to the SSO Applications section and click Get Started.

• Select the Application type, in this case it will be Custom Application. Click Select.

• Once you have selected the application type, click Next.

• Select the Manage Single Sign-On (SSO) feature and Configure SSO with SAML as the authorization protocol. Then click Next.

• Now, in Display Label, provide a name for the app and click Save Application.

• Here you will see a summary of the options you have selected so far. You can now proceed with the configuration by clicking Configure Application.

• In the SSO Configuration, complete the IdP Entity ID, SP Entity ID, Default URL and IDP URL fields in this format:

Obtain Jumpcloud Certificate

• Now that the application has been created, you should download the Jumpcloud certificate. Go to SSO Applications in the dashboard and select the Thinfinity application.

• Next, select IDP Certificate Valid in the left pane and click Download certificate. You will need this certificate to configure Thinfinity Workspace.

Configure User Assignments

• You can create users manually or import them from Active Directory, CSV, or other repositories. Select Users in the dashboard and click the desired option.

• Then you will activate the users and assign them to different user groups, which you will also create. Select User Groups in the dashboard and click the plus button to create a group.

• After you create the user group, add previously created users to it. Within the new user group, click Users and assign them.

• Now go to Applications and click the application you want to assign to this user group. Then click Save.

III. Configuring Thinfinity

Set Up SSO on Thinfinity Workspace

• Open the Thinfinity Configuration Manager, navigate to the Authentication tab and, below that, select the Methods tab. Then click Add > SAML.

Enter Jumpcloud SAML Details in Thinfinity Workspace

• Here, you will Name the method and enter the Jumpcloud SAML values that you have previously obtained from the Jumpcloud dashboard, into the appropriate fields on the General tab of the Authentication Method Settings, as shown below:
  • Service Identifier = SP Entity ID (https://[MythinfinityWebsite]:[Port]).
  • Service Certificate File = Path to your certificate’s file (This is your workspace's site certificate).
  • Service Certificate Password = Password for the certificate above.
  • Identification Entity ID = IdP Entity ID.
  • Single Sign-On Service URL = Identity Provider Single Sign-On URL.
  • Sign-Out URL = This value is optional.
  • Partner Certificate File = Path to the X.509 Certificate you previously downloaded from Jumpcloud.

Configure User Attributes

• Define which user attributes from Jumpcloud will map to Thinfinity Workspace user accounts. Common attributes include email, name, and groups.

IV. Testing the SSO Integration

• Attempt to log in to Thinfinity Workspace and try the option Sign in with SAML.