This site requires JavaScript to be enabled
External Customer KB > General > Configuring SAML for Blue Jeans
Configuring SAML for Blue Jeans
Article: KB0010620 Published: 06/06/2019 Last modified: 02/18/2020

This topic describes how to configure OneLogin to provide SSO for Blue Jeans using SAML.

  1. Log into OneLogin as an admin and go to Apps > Add Apps.

  2. Search for and select the Blue Jeans Network connector.

    The initial Configuration tab appears.

  3. Ensure that in the Connectors section, the SAML2.0 connector is selected.

  4. Click Save to add the app to your Company Apps and display additional configuration tabs.

    The Info tab appears.

  5. Go to the Parameters tab and map Blue Jeans attributes to OneLogin attributes.

    In most cases, you should accept the default values. Ensure that the Blue Jeans Network field Username is set to AD user name if you use Active Directory as the third party directory. Otherwise, set Username to Email. Click Save if you made any changes on the Parameters tab.

    Blue Jeans Parameters tab

  6. Go to the Access tab, assign the OneLogin roles that should have access to Blue Jeans and provide any app security policy that you want to apply to Blue Jeans.

    You can also go to Users > All Users to add the app to individual user accounts.

  7. Go to the SSO tab to view the values that you'll copy into your Blue Jeans instance to set up SAML SSO.

  8. Open a new browser tab and go to the Blue Jeans login page and login as admin to enter OneLogin's SAML SSO values.

    1. Go to Admin > Group Settings > Security to see the SAML configuration page.

    2. Select the SAML Single Sign On option.

    3. Check the Enable automatic provisioning option if you want to use Just In Time Provisioning.

    4. Copy the value in the RelayState field, which you will insert into OneLogin to guide the authentication request redirects.

    5. Select the Pick User ID from <saml2:nameID> element option.

      Enter the following values into the Configure SAML Attribute Mapping fields. When mapping SAML attributes, cases and spacing matter so be sure to input this information exactly as shown.

      Field Name Value

      Email

      email

      Username

      username

      First Name

      firstname

      Last Name

      lastname

      Title

      title

      Phone

      phone

      Company

      company

      Meeting ID

      Leave blank
  9. Go back to the OneLogin SSO tab and copy the SAML values from the OneLogin SSO tab to the analogous Blue Jeans fields.

    Copy this OneLogin SSO field value: To this Blue Jeans SSO settings field:

    SAML 2.0 Endpoint (HTTP)

    Login URL

    https://app.onelogin.com/password

    Password Change URL

    https://app.onelogin.com

    Logout URL

    X.509 Certificate

    To get the X.509 Certificate, click View Details to open the certificate page. Select X.509 PEM from the drop-down list and then click Download.

    Certificate Path

    Click the Choose File button and navigate to your downloaded X.509 PEM Certificate. Select the certificate and click Open.

    When you have completed the Blue Jeans Security tab, it should appear as follows.

  10. Go to the OneLogin Configuration tab and paste the RelayState that you copied in step 8.

    Blue Jeans Configuration tab

    This value tells OneLogin where to send the SAML message.

  11. Test the SAML connection.

    1. Ensure that you have a user account in both OneLogin and Blue Jeans that use the same email as the username.

      You can create a test user, or you can use your own account if you choose.

    2. Make sure that you are logged out of Blue Jeans.

    3. Log in to OneLogin as an admin and give the test user (or yourself) access to the Blue Jeans app in OneLogin. (See step 6 above)

    4. Log in to OneLogin as the test user.

    5. Click the Blue Jeans icon on the OneLogin dashboard.

      If the test user is able to access Blue Jeans, then SAML works.


Expand/Collapse Comments
:     
Was this helpful?
YesYesNoNo