Jumpcloud.com saml integration

Hello there,

I am trying to integrate a hosted cloud.elastic.co deployment on GCP with jumpcloud.com SAML.
I have configured a jumpcloud.com custom/generic provider and am able to log in to the SSO endpoint after the configuration.
Configuring the xpack cloud-saml is failing with no useful message.

The configuration I am using:
xpack:
  security:
    authc:
      realms:
        cloud-saml:
          type: saml
          order: 2
          attributes.principal: "nameid:persistent"
          attributes.groups: "groups"
          idp.metadata.path: "https://s3.us-east-2.amazonaws.com/vk-zubr/JumpCloud-saml2-metadata-2.xml"
          idp.entity_id: "elastic-cloud"
          sp.entity_id: "https://2fee30fbb05e49c598325159fcf012fe.us-central1.gcp.cloud.es.io:9243/"
          sp.acs: "https://2fee30fbb05e49c598325159fcf012fe.us-central1.gcp.cloud.es.io:9243/api/security/v1/saml"
          sp.logout: "https://2fee30fbb05e49c598325159fcf012fe.us-central1.gcp.cloud.es.io:9243/logout"

Any suggestions/ideas?

We intentionally show minimal information in the browser when SAML authentication fails.
Because authentication has failed, we cannot know who the user is, so we cannot safely show them any information about the cluster or its configuration.

To diagnose SAML problems, you need to look at the Elasticsearch logs.
In the cloud console, on the left-hand menu, you should see "Elasticsearch -> Logs".
Check there for more details about why authentication failed - it's impossible for us to guess based solely on a config file.
