Hal Wolin
06/04/2024, 2:57 PMHal Wolin
06/04/2024, 2:57 PMIvana Gasparekova
06/04/2024, 3:40 PMhttps://<organization-hostname>/login/oauth2/code/<organization-hostname>
- further instructions can be found here.
Login URL should be same as your GD Cloud hostname.
I am glad that you posted here also the official JumpCloud’s documentation:
https://jumpcloud.com/support/sso-with-oidc
Especially the part related to Client Authentication Type is quite important:
• Client Secret POST – the client authorizes itself providing the secret in the HTTP request body as a form parameter
• Client Secret Basic – the simplest method of client authentication using client secrets. It is a method where an application uses the HTTP Basic Authentication Scheme to authenticate with the authorization server
• Public (None PKCE) – Client authentication set to none and with the use of Proof Key of Code Exchange (PKCE) was created as a secure substitute for the OAuth implicit flow, where the client receives access tokens as the result of authorization
Please be aware that we do not support the third option - Public (None PKCE). It needs to be evaluated on your end, which of the two remaining options suits you better.
The last Import/Export users option needs to be again decided on your end. For example, if you plan to work with Just-In-Time (JIT) User Provisioning, I’d stick to the Export users to this App option.
Hopefully somebody with active GD Cloud/JumpCloud integration would chip in with their experience as well. 🤞