JitBit Hosted Help Desk

The following is an overview of the steps required to configure the JitBit Hosted Help Desk Web application for single sign-on (SSO) via SAM. JitBit offers both IdP-initiated SAML SSO (for SSO access through the user portal or Centrify mobile applications) and SP-initiated SAML SSO (for SSO access directly through the JitBit web application). You can configure JitBit for either or both types of SSO.

  1. Prepare JitBit for single sign-on (see JitBit requirements for SSO).

  2. In the Centrify Admin Portal, add the application and configure application settings.

    Once the application settings are configured, complete the user account mapping and assign the application to one or more roles. For details, see Configuring JitBit in Admin Portal (Part 1).

  3. Configure the JitBit application for single sign-on.

    You will need to copy some settings from Application Settings in Centrify Admin Portal and paste them into fields on the JitBit website. For details, see Configuring JitBit on its web site.

    After you are done configuring the application settings in the Admin Portal and the JitBit application, users are ready to launch the application from the Centrify user portal.

  4. Finish configuring application settings in the Centrify Admin Portal.

Once the application settings are configured, complete the user account mapping and assign the application to one or more roles. For details, see Configuring JitBit in Admin Portal (Part 2).

JitBit requirements for SSO

Before you configure the JitBit web application for SSO, you need the following:

  • An active JitBit instance for your organization.

  • A signed certificate.

  • You can either download one from Admin Portal or use your organization’s trusted certificate.

  • Contact information for JitBit support (to enable and test the SSO feature on your account).

Setting up the certificates for SSO

To establish a trusted connection between the web application and the Centrify Identity Platform, you need to have the same signing certificate in both the application and the application settings in Admin Portal.

If you use your own certificate, you upload the signing certificate and its private key in a .pfx or .p12 file to the application settings in Admin Portal. You also upload the public key certificate in a .cer or .pem file to the web application.

What you need to know about JitBit

Each SAML application is different. The following table lists features and functionality specific to JitBit.

Capability

Supported?

Support details

Web browser client

Yes

 

Mobile client

No

 

SAML 2.0

Yes

 

SP-initiated SSO

Yes

 

IdP-initiated SSO

Yes

 

Force user login via SSO only

No

 

Separate administrator login after SSO is enabled

No

 

User or Administrator lockout risk

No

Username-password login remains available after configuration.

Automatic user provisioning

Yes

 

Multiple User Types

Yes

SSO works the same way for all admin and non-admin user types.

Self-service password

Yes

Users can reset their own passwords. Resetting another user’s password requires administrator rights.

Access restriction using a corporate IP range

Yes

You can specify an IP Range in the Admin Portal Policy page to restrict access to the application.

Configuring JitBit in Admin Portal (Part 1)

Configuring JitBit on its web site

Configuring JitBit in Admin Portal (Part 2)

JitBit provisioning

SCIM (System for Cross-domain Identity Management) is an open standard for automating the exchange of user identity information between identity domains, or IT systems. It can be used to automatically provision and deprovision accounts for users in external systems such as your custom SAML app. For more information about SCIM, see www.simplecloud.info.

If your JitBit application supports SCIM, you can set it up to enable provisioning by entering the Access Token and SCIM URL.

For more information about provisioning your app, see Setting up generic SCIM provisioning.

For more information about JitBit

For more information about configuring JitBit for SSO, contact JitBit support.