# JumpCloud

## Overview

This guide walks you through configuring SAML-based Single Sign-On (SSO) between JumpCloud and Mailtrap.

## On JumpCloud side

{% stepper %}
{% step %}
Navigate to **SSO** in JumpCloud and click the **+** button to add new application.

<div data-with-frame="true"><img src="/files/5PyaNos3S5dtcOMXuUXC" alt=""></div>
{% endstep %}

{% step %}
Search for **SAML** and choose **Custom SAML App**.

<div align="left" data-with-frame="true"><img src="/files/u7BwOBsu4LzIlnqJnxdw" alt="" width="563"></div>
{% endstep %}

{% step %}
Specify the application name and proceed to the **SSO** tab.

<div align="left" data-with-frame="true"><img src="/files/0IcDxUlF2lFeugzHXl45" alt="" width="563"></div>
{% endstep %}

{% step %}
Provide the following SAML Provider details to JumpCloud from Mailtrap:

* **SP Entity ID** → Entity ID from Mailtrap
* **ACS URL** → Assertion Consumer Service URL from Mailtrap

<div data-with-frame="true"><img src="/files/cKyrSfvHOUVMCOSbB7Dr" alt=""></div>

Additional SAML settings:

* **SAMLSubject NameID** should be `email`
* **SAMLSubject NameID Format** leave default value
* **Signature Algorithm** leave default value
  {% endstep %}

{% step %}
If you want to use role mapping, specify **User Attributes** for role mapping:

<div align="left" data-with-frame="true"><img src="/files/C82DCgOyxK83AG2EoX1h" alt="" width="375"></div>
{% endstep %}

{% step %}
Click **Activate**, then click **Save** after successful activation. Then, download the certificate from the **IDP Certificate Valid** section.

<div align="left" data-with-frame="true"><img src="/files/NmenL2xfO91CZZJzvgE9" alt="" width="188"></div>
{% endstep %}
{% endstepper %}

## On Mailtrap side

After configuration is ready on JumpCloud side, you can set up the configuration on Mailtrap side.

{% stepper %}
{% step %}
Provide the following to Mailtrap from JumpCloud:

* **IdP Entity ID** (Identity Provider Issuer) → IdP Entity ID from JumpCloud
* **Single Sign-on URL** → IDP URL from JumpCloud
* **X509 Certificate** → Value from the downloaded certificate

<div data-with-frame="true"><img src="/files/jNX2HMZG3jvI5f7h9UUk" alt=""></div>
{% endstep %}

{% step %}
Click **Save** in Mailtrap SSO configuration. For role mapping, configure additional settings as described in the [SSO Guide](https://github.com/mailtrap/mailtrap-docs/blob/main/guides-and-tips/sso/sso-guide.md#step-5-role-mapping).

Your SAML configuration is now complete.
{% endstep %}
{% endstepper %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.mailtrap.io/account-and-organization/management/sso/jumpcloud.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.