Authenticating to KASM with JumpCloud

Wonder how to set this up step-by-step? Well so did I.


Two of my favorite home lab applications taste great together!

JumpCloud:

Add New Application in "SSO Applications"

Type "kasm" in the search bar. Create a Custom Integration

Select "Manage Single Sign-On (SSO)". Configure SSO with SAML.

Give a Display Label of "KASM". Go to Configure Application.

Download IDP Certificate

KASM:

Under Access Management, create a new configuration

Add the following details under Service Provider

  • Display Name: JumpCloud
  • Host Name: https://kasm.domain.name
  • NameID Attribute: emailAddress
  • x509 Certificate: Open the IDP certificate downloaded from JumpCloud in a text editor. Cut and paste the content here.

Add the following details under Identity Provider

  • Entity ID: kasm-jumpcloud
  • Single Sign On Service/SAML 2.0 Endpoint: https://sso.jumpcloud.com/saml2/kasmserver
  • Single Logout Service/SLO Endpoint: https://sso.jumpcloud.com/saml2/kasmserver
  • x509 Certificate: Open the IDP certificate downloaded from JumpCloud in a text editor. Cut and paste the content here.

Go to the bottom. Change the signature algorithm to "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256".

Go to the top and select the Attribute Mapping tab. Create two attribute mappings: "First Name" to "firstname" and "Last Name" to "lastname".

Return to the Edit tab and save the configuration.

Reenter the configuration and click the "Get Metadata" button on the bottom. This will open the metadata on a new browser tab. Copy the contents, paste them in a text editor and save the file as "metadata.xml".

JumpCloud:

Go back to the SSO tab. Under "Service Provider Metadata", upload the "metadata.xml" file.

In "IDP Entity ID", add kasm-jumpcloud. Further down in settings, ensure the "Signature Algorithm" is set to "RSA-SHA-256".

In "Default Relay State" add "https://kasm.domain.name/#/sso"

In "Login URL" add "https://kasm.domain.name/#/staticlogin"

At the bottom under "Attribute" add 3 attributes. emailAddress to email, firstname to firstname, and lastname to lastname
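A mistyped hostname or algorithm URI in the steps above leaves SSO failing or sends the browser to a host you do not control, so it is worth checking the values against each other before saving. The script below is an added example, not part of the original post: the function name is hypothetical, and the sample metadata is constructed, with a placeholder entityID and ACS path rather than what KASM actually emits.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"

# Constructed SP metadata for illustration; the entityID and ACS path are
# placeholders, not what KASM actually emits.
SAMPLE_METADATA = """<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="sp-entity-placeholder">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="1"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://kasm.domain.name/acs-placeholder"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def check_sso_settings(metadata_xml, kasm_host, jumpcloud_urls, sig_alg):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    root = ET.fromstring(metadata_xml)
    sp = root.find(MD + "SPSSODescriptor")
    if root.tag != MD + "EntityDescriptor" or sp is None:
        return ["metadata.xml is not SAML service-provider metadata"]
    # Every URL the IdP will send the browser or the assertion to must be
    # HTTPS on the KASM host; a one-letter typo points it somewhere else.
    urls = {f"ACS[{i}]": acs.get("Location", "")
            for i, acs in enumerate(sp.findall(MD + "AssertionConsumerService"))}
    if not urls:
        problems.append("metadata has no AssertionConsumerService endpoint")
    urls.update(jumpcloud_urls)
    for name, url in urls.items():
        parts = urlsplit(url)
        if parts.scheme != "https":
            problems.append(f"{name}: not HTTPS ({url})")
        if parts.hostname != kasm_host:
            problems.append(f"{name}: host {parts.hostname!r} is not {kasm_host!r}")
    if sig_alg != RSA_SHA256:
        problems.append(f"signature algorithm URI is not {RSA_SHA256}")
    return problems


if __name__ == "__main__":
    entered = {"Default Relay State": "https://kasm.domain.name/#/sso",
               "Login URL": "https://kasm.domain.name/#/staticlogin"}
    for p in check_sso_settings(SAMPLE_METADATA, "kasm.domain.name", entered, RSA_SHA256):
        print("WARN:", p)
```

To use it on a real setup, pass the contents of the saved "metadata.xml" in place of the sample and your own KASM hostname.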

You can find me on Mastodon at @mojoology@mastodon.social.