In the JumpCloud application, you must add Lacework as a service provider before you can use it as an identity management application.
Complete the following steps in your JumpCloud account:
1. Sign in to JumpCloud with administrative privileges.
2. After a successful login, you will see the page below. Click SSO.
3. Click the green add button to create the Lacework app. Lacework is not among the pre-built applications, so select the “Custom SAML App” button as shown in the screenshot below.
4. Under General Info, provide a display name for the Lacework app. Optionally provide a description of the Lacework app.
5. Single Sign-On Configuration.
To populate some of the fields in the JumpCloud SSO configuration, you will need to copy the following values from the Lacework SAML SSO page:
Service Provider Entity ID: https://lacework.net
SAMLSubject NameID Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
IdP Entity ID: (Required) This is the unique, case-sensitive identifier used by JumpCloud for the service provider. Please ensure that the value you enter matches the Identity Provider Entity ID you configured on your service provider's SSO configuration page.
In the example below, the Lacework URL was used as the IdP Entity ID.
Note: Replace “Yourdomain” with your Lacework subdomain.
6. Save the configuration.
7. Export JumpCloud Metadata.
8. Complete configuration in Lacework UI under Settings > Authentication. Create SAML SSO authentication.
- Select the “Upload identity Provider data” radio button.
- Enter the Identity Provider information, i.e. https://sso.jumpcloud.com/saml2/saml2
- Upload the IdP metadata that was exported in step 7.
9. Save the configuration.
Alternatively, you can manually enter identity provider data as shown below.
Download the IdP certificate from JumpCloud and upload it to Lacework. Make sure you save the configuration.