This article explains how to configure JumpCloud as the Single Sign-On (SSO) provider for users to authentication to the Cato Client.
SSO relies on an encrypted token from Cato and your IdP to validate that the user is authenticated and allowed to connect to the network. For more details, see SSO Authentication for Users with Cato.
Overview
Configuring JumpCloud as your SSO provider simplifies authentication and enhances the user experience. With SSO configured for your account, users can log in to the Client by authenticating with their SSO credentials and do not need a different set of dedicated credentials.
Known Limitations
Always prompt is not supported for the token validity
Admin log in to the Cato Management Application is not supported
Configuring JumpCloud as an SSO Provider
Follow these steps to configure JumpCloud as an SSO provider:
Add Cato as an application in your JumpCloud console
Enter the details of your JumpCloud Host in the Cato Management Application
Configure the Token Validity
Step 1: Add Cato as an Application
In your JumpCloud console, add Cato as an application.

To add Cato as an application:
In the JumpCloud console, navigate to the SSO Application page.
Click Add New Application
Configure the JumpCloud application with these SSO settings:
Set Manage Single Sign-On to Configure SSO with OIDC.
Set the Client Authentication Type to Client Secret Post. For more information, see the JumpCloud SSO documentation.
Click Add URI and enter these URIs in as Redirect URIs:
https://sso.via.catonetworks.com/auth_resultshttps://sso.ias.catonetworks.com/auth_resultshttps://sso.proxy.catonetworks.com/auth_resultsUnder Login URL, again enter
https://sso.ias.catonetworks.com/auth_resultsConfigure the following Attribute Mapping:
Under Standard Scopes, select the Email checkbox.
Under USER ATTRIBUTE MAPPING:
In the Service Provider Attribute Name field, type
emailIn JumpCloud Attribute Name, select email
Click Save.
Step 2: Configure JumpCloud as your SSO Provider
In the Cato Management Application, enter the unique details for your JumpCloud account.

To configure JumpCloud as your SSO provider:
In the Cato Management Application, from the Navigation menu, click Access > Single Sign On.
Click New.
From the Identity Provider drop-down menu, select JumpCloud.
Enter a Name.
If you are configuring one Single Sign-On provider, enable the Default toggle. If you are configuring multiple Single Sign-On providers, see Configuring Multiple Identity Providers.
Enter your Client ID and Client Secret.
This information is available from your JumpCloud console.
Click Apply
Step 3: Configure the Token Validity
You can configure how long the Cato authentication token is valid for. The Token validity settings define in Days or Hours the amount of time that users remain authenticated. Users that are logged in must re-authenticate when the duration you define in Days or Hours (since they last logged in) has been reached.

To configure the token validity:
On the Access > Single Sign On page, define the Token validity settings.
Click Save.