Single Sign-On
      Back to home
      1. Help Center
      2. Getting Started
      3. Single Sign-On

      Setup Single Sign-On (SSO) with Jumpcloud for your Avoma accounts

      Use Avoma's SSO with Jumpcloud for streamlined access management and unified login experience for your users

      Introduction

      Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials. SSO works based upon a trust relationship set up between an application, known as the service provider, (in this case Avoma) and an IDP (identity provider), like Okta, Azure AD, Jumpcloud etc.

      This help article documents the process of setting up SSO with Jumpcloud using the SAML 2.0 protocol for your Avoma account.

      Setting up SSO for Avoma with Jumpcloud SAML is a two step process.

      1. Create an Avoma app in Jumpcloud with SAML 2.0 option
      2. Provide details to set up Jumpcloud SAML SSO in Avoma.

      Disclaimer : 
      Please note that after SSO is enabled for your account, users will only be able to log in using SSO. Other authentication methods, such as Log in with Google/Microsoft, will no longer be functional.

      Step 1 : Create an Avoma app in Jumpcloud with SAML 2.0 option

      Prerequisite : You must be an admin in Jumpcloud to be able to set up Avoma app in Jumpcloud for SSO

      1. Log in to your Jumpcloud account > SSO Applications  > Add New Application.
      2. Click on Custom Application click Next
      3. Select "Manage Single Sign On" and select “Configure SSO with SAML”. Then click on the "Next" button.
      4. Enter the Display Label on the next screen and hit Save Application. Continue to Configure Application and add below settings on SSO Tab
      5. Copy the Metadata URL and save it somewhere. This information will be needed to be sent to Avoma team to setup SSO
      6. In “IdP Entity ID” section give a unique identifier such as “jumpcloud-<orgdomain>” where orgdomain would be your organization unique name
      7. In “SP Entity ID” enter “https://app.avoma.com
      8. In “ACS URLs” section, enter "https://prod-api.avoma.com/saml2/acs" 
      9. Leave the “SAMLSubject Name Id” Default to Email and Sign to “Assertion and Response”
      10. In the Default Relay state and Login URI enter "https://app.avoma.com" . 
      11. IMPORTANT: Please ensure to check “Declare Redirect Endpoint” , Leave the IDP URL to default as shown
      12. In the Attribute section, enter values as shown below
      13. Scroll down to click Save
      14. Now go to the Assignments tab and assign the app users and/or groups that should have access to Avoma.

      Step 2: Provide details to set up Jumpcloud SAML SSO in Avoma

      Currently, Avoma sets up an SSO on your behalf for your organization. Please contact Avoma Support or your Customer Success Manager and provide the following details:

      • Metadata URL copied in Step 1 - #5
      • IDP Entity ID set in Step 1 - #6

      Once Avoma has configured SSO for you, you will receive a confirmation. Avoma will also terminate the existing sessions for all your users so that they can freshly log in using SSO. Going forward all the users from your organization will only be able to login via SSO.


      Your users can then start using the SSO option on the Avoma login screen to access their accounts.