Attribute to map the uuid to = email
Identifier of the idP entity (must be uri) = mynextcloud.local
URL target of IDP = https://jumpcloud.com/saml2/mynextcloud
Use a SAML 2.0 template, not the NextCloud template, and fill it in as follows (BTW this is for
Nextcloud 18.0.4 installed via snap on Ubuntu 18.0.4 LTS).
Note: to get around the post issue of only 4 URLs per post, I changed // to slash slash…
Enable the groups attribute and set the field to “memberOf”
Here is the Nextcloud SP configuration:
Attribute to map the uuid to = username
Identifier of the idP entity (must be uri) = JumpCloud
URL target of IDP = https: slash slash jumpcloud.com/saml2/mynextcloud
Under Show optional Identity Provider settings …
SLO = https:slash slash jumpcloud.com/saml2/mynextcloud
Paste in IdP certificate from JumpCloud
Enter the Attribute mapping
displayname -> displayname
email -> email
groups -> memberOf
Under Show security settings…
Check the first option (logoutRequest)
Check the last option (ADFS)
The only problem that I’m getting is sometimes if I log out
I have put exactly the same but I still get that the user is not provisioned.
I'm running Nextcloud 21 on Kubernetes.
I'm well authenticated by the JumpCloud SSO,
but the thing I don't understand is how JumpCloud can provision a user in Nextcloud; normally it should be done by JIT or something like that.
For the test I added manually a user with the same mail but it still does not work.
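An added diagnostic, not part of any post in this thread: when the IdP login succeeds but Nextcloud does not match an account, one thing to rule out is that the assertion lacks the attributes named in the SP settings. The sketch below checks a captured assertion against the mapping posted above; the sample XML, `EXPECTED` and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Nextcloud field -> attribute name, as entered in the SP settings posted above.
EXPECTED = {"uid": "username", "displayname": "displayname",
            "email": "email", "groups": "memberOf"}

# Constructed sample (not a real JumpCloud response): no "username" attribute.
SAMPLE = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:AttributeStatement>
  <saml:Attribute Name="email">
   <saml:AttributeValue>alice@example.com</saml:AttributeValue>
  </saml:Attribute>
  <saml:Attribute Name="displayname">
   <saml:AttributeValue>Alice Example</saml:AttributeValue>
  </saml:Attribute>
  <saml:Attribute Name="memberOf">
   <saml:AttributeValue>nextcloud-users</saml:AttributeValue>
  </saml:Attribute>
 </saml:AttributeStatement>
</saml:Assertion>"""


def assertion_attributes(xml_text):
    """Return {attribute name: [non-empty values]} from the AttributeStatement."""
    # Diagnostic only: no signature check. Parse only an assertion you captured
    # yourself; for untrusted XML use a hardened parser such as defusedxml.
    root = ET.fromstring(xml_text)
    found = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip()
                  for v in attr.findall("saml:AttributeValue", NS)]
        found.setdefault(attr.get("Name"), []).extend(v for v in values if v)
    return found


def check_mapping(xml_text, expected=EXPECTED):
    """Return {nextcloud_field: problem} for every missing or empty attribute."""
    found = assertion_attributes(xml_text)
    problems = {}
    for field, name in expected.items():
        if name not in found:
            problems[field] = f"attribute '{name}' not in assertion"
        elif not found[name]:
            problems[field] = f"attribute '{name}' has no value"
    return problems
```

Pass a different `expected` dict if the UID is mapped to another attribute, for example `{"uid": "email"}`.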