JumpCloud SSO SAML error

CholtonATX · September 23, 2022, 2:51pm

Howdy. We’re on the latest (v1.30.3291.77 0fb39c) version with a subscription. Trying to hook up Pritunl and JumpCloud, but keep getting an error:

SAML Error: response Issuer does not match the IDP metadata (expected “https://sso.jumpcloud.com/saml2/pritunl#####”)

Anyone have experience with this or troubleshooting similar issues? The IdP URL is exactly what appears in the Pritunl SAML config. This my 79th SSO/SAML app on JumpCloud so I feel pretty confident that I did everything correctly. Maybe missing something on the Pritunl side?

zach · September 23, 2022, 3:31pm

The IdP Entity ID in JumpCloud should match the SAML Sign-On URL and SAML Issuer URL in Pritunl. The SP Entity ID should be set to pritunl in JumpCloud.

CholtonATX · September 23, 2022, 3:33pm

Hi Zach,

EDIT: Ok I set the IdP Identity ID to match the IdP URL and it worked. That’s… unusual. Thanks for your help.

Do you mean the IdP Entity ID or the IdP URL?

zach · September 23, 2022, 3:38pm

Both IdP Entity ID and IDP URL should be the same in JumpCloud.