Shine a light on shadow apps

ConductorOne Docs

Sign up for ConductorOne using JumpCloud SSO

Configure a JumpCloud OpenID Connect (OIDC) app to set up ConductorOne and enable single-sign-on access for your users.

Welcome!

If you’re a JumpCloud user looking to set up ConductorOne for your organization, you’ve come to the right place. Follow the instructions on this page to set up ConductorOne so your colleagues can SSO in with their existing JumpCloud credentials.

๐Ÿ“‹ Before you begin

A ConductorOne invite code is required for the setup process. If you don’t yet have an invite code, contact support@conductorone.com.

Step 1: Create a ConductorOne instance

  1. Navigate to https://accounts.conductor.one/accounts/signup.

  2. In the Domain field, enter the domain you want to use for your ConductorOne instance. This will form the URL at which your users access ConductorOne.

    • For example, if you work at Acme Co., enter acmeco to create an acmeco.conductor.one domain.

  3. In the Display name field, enter the name of your company.

  4. In the Invite code field, paste in the invite code you received from ConductorOne. Note that the code is case-sensitive.

  5. Click Sign up with JumpCloud.

A new paged called Setting up JumpCloud to work with ConductorOne opens. Leave this page open, and open a new browser tab to create your ConductorOne OIDC application in JumpCloud. Once the application is set up, you’ll return to this registration page to finish configuring SSO for your new ConductorOne instance.

Step 2: Create an OIDC application in JumpCloud

  1. In a new browser tab, navigate to the JumpCloud Admin Portal and click User authentication > SSO.

  2. Click + Add New Application.

  3. Scroll to the bottom of the window and click Custom OIDC App.

  4. Enter the following information in the specified fields:

    • Display Label: ConductorOne
    • (Optional) Logo:
      ConductorOne logo
      Right click to copy.

  5. Click Save.

  6. On the SSO tab, fill out the specified fields as follows:

    • Redirect URIs: Enter https://accounts.conductor.one/auth/callback
    • Client Authentication Type: Client Secret POST
    • Login URL: https://YOUR_DOMAIN.conductor.one/login?sso_operation=initiate_login (use the ConductorOne domain you chose in Step 1)

  7. In the User Attribute Mapping section, enter email in the Service Provider Attribute Name field and select email in the JumpCloud Attribute Name field, then click Add Attribute.

  8. On the User Groups tab, select one or more groups to assign access to ConductorOne.

  9. Click Activate. Leave the Application Saved popup that displays the Client ID and the Client Secret fields open. You’ll use these values in the next step.

Step 3: Copy JumpCloud application auth details to ConductorOne

Now that the OIDC app is created, retrieve the Client ID and Client Secret and add that information to the Setting up JumpCloud to work with ConductorOne page. To complete this step you’ll move back and forth between your JumpCloud tab and the ConductorOne registration tab.

  1. In JumpCloud, copy the ConductorOne app’s Client ID from the Application Saved popup.

  2. In ConductorOne, paste the Client ID into the Client ID field.

  3. In JumpCloud, copy the ConductorOne app’s Client Secret.

  4. In ConductorOne, paste the Client Secret into the Client secret field.

  5. In ConductorOne, click Sign up with JumpCloud.

JumpCloud will now guide you through the SSO sign-in process and redirect you to the ConductorOne dashboard.

Step 4: Grant JumpCloud users access to ConductorOne

Finally, give your colleagues access to ConductorOne via JumpCloud SSO by adding the new ConductorOne app to a JumpCloud user group.

  1. In the JumpCloud Admin Portal, navigate to User Groups.

  2. Select the existing user group you’d like to give access to ConductorOne (or create a new user group by clicking the green Create button).

  3. Click Applications and select ConductorOne.

  4. Click Save.

What’s next?

In the next step of the setup process, we’ll integrate the apps that hold key information about your company’s employees, such as your human resources app or your identity provider (IdP). ConductorOne uses the data from these directory apps to build a complete and accurate list of your organizations’ employees and create ConductorOne user accounts for them. When you’re ready, move on to Connect your user directory.