SSO

jomablue sso quick start jomablue supports user login via a saml2 0 based sso identity provider (okta, azure ad, onelogin, jumpcloud, etc ) setup steps 1\ contact jomablue request sso enablement and tell jomablue which email domain(s) should enforce sso login they will provide you with the urls and x509 certificate needed to configure your identity provider email support\@jomablue com with these details to initiate the process 2\ create a saml2 app in your identity provider in your idp admin console, create a new custom saml2 integration and populate the fields with the values provided by jomablue each idp labels these fields differently field in idp url entity id / audience uri sp entity id / sp issuer url https //\<instance> jomablue com/saml2/\<tenant uuid>/metadata acs url / reply url / single sign on url / acs url / assertion consumer service url / recipient / reply url https //\<instance> jomablue com/saml2/\<tenant uuid>/acs sign on url https //\<instance> jomablue com/saml2/\<tenant uuid>/login logout url (slo only) https //\<instance> jomablue com/saml2/\<tenant uuid>/sls not all fields are required by every identity provider 3\ configure attribute mapping set the application username to email also map name attributes — either a single full name value, or separate first name and last name attributes from your idp 4\ send your idp details back to jomablue once the saml2 integration is created, your idp will generate its own urls and x509 certificate (or an xml metadata file containing all of this) send these back to jomablue via the same channel they used to contact you 5\ jomablue completes setup jomablue will notify you when sso is live your portal login page will change to display only an email address field that's your confirmation that sso has been enabled logging in once sso is active, users can log in via either method jomablue initiated login — the user navigates to the portal login page, enters their email address, and is redirected to authenticate with the idp after authenticating, they are directed to the events list idp initiated login — the user clicks the jomablue icon from their idp's apps screen and is taken directly into the portal user provisioning first owner user if your instance does not yet have an owner level user, the nominated owner should log in via sso first once they have logged in as a portal level user, notify jomablue and they will elevate the account to owner/support level access additional users via scim jomablue's sso integration supports scim users granted access to jomablue in your idp are automatically provisioned as portal level users — no separate account creation required to elevate a user above portal level access, an owner level user can edit their user record in jomablue