We will create two applications:
The first application âRiot Adminâ will allow administrators to connect to https://hub.tryriot.com. This application should only be assigned to Riot administrators.
The second application âRiot Employee Portalâ will allow all employees to connect to their personal employee portal at https://portal.tryriot.com. This application can be assigned to all JumpCloud users.
1ď¸âŁ Configuring the Riot Admin application
Connect to your JumpCloud Admin Console, and in the left menu, go to User Authentication > SSO Applications.
Click on the button âAdd New Applicationâ.
In the search bar, search for âOIDCâ
Click on the search result named âCustom OIDC Appâ.
Click âNextâ.
Enter âRiot Adminâ for the âDisplay Labelâ field, and make sure the option âShow the application in User Portalâ is enabled.
Click âNextâ.
Click âConfigure Applicationâ.
Enter https://api.tryriot.com/v2/hub/connect/oidc/callback in the Redirect URIs.
Select âClient Secret Basicâ for the âClient Authentication Typeâ option.
In the âLogin URLâ field, enter the login URL that is being displayed on Riot.
In âAttribute Mappingâ, select the two standard scopes: âEmailâ and âProfileâ.
Click âActivateâ.
On this page, you can retrieve the two values you will need to enter on the Riot platform: the Client ID and the Client Secret.
Copy the values of these fields and paste them in the corresponding fields on Riot.
Your app is now created. Use the left menu to go to User Authentication > SSO Application, and click on the application âRiot Adminâ, and go to the âSSOâ tab.
In the âAttribute Mappingâ section, it is possible that the JumpCloud console may have created duplicated entries for some fields. In our example, it duplicated âemailâ and âemail_verifiedâ.
Make sure you have removed any duplicated entries and click âSaveâ.
Go to the âUser Groupsâ tab.
Check the box next to the group of person that should be allowed to connect to the Riot Administration, and click âSaveâ.
The first application is now created, and should appear on the User Portal for the persons who are members of the group which was assigned.
2ď¸âŁ Configuring the Riot Employee Portal application
Connect to your JumpCloud Admin Console, and in the left menu, go to User Authentication > SSO Applications.
Click on the button âAdd New Applicationâ.
In the search bar, search for âOIDCâ
Click on the search result named âCustom OIDC Appâ.
Click âNextâ.
Enter âRiot Employee Portalâ for the âDisplay Labelâ field, and make sure the option âShow this application in User Portalâ is enabled.
Click âNextâ.
Click âConfigure Applicationâ.
Enter https://albert.tryriot.com/portal/auth/oidc/callback in the Redirect URIs.
Select âClient Secret Postâ for the âClient Authentication Typeâ option.
In the âLogin URLâ field, enter the login URL that is being displayed on Riot.
In âAttribute Mappingâ, select the two standard scopes: âEmailâ and âProfileâ.
Click âActivateâ.
On this page, you can retrieve the two values you will need to enter on the Riot platform: the Client ID and the Client Secret.
Copy the values of these fields and paste them in the corresponding fields on Riot.
Your app is now created. Use the left menu to go to User Authentication > SSO Application, and click on the application âRiot Employee Portalâ, and go to the âSSOâ tab.
In the âAttribute Mappingâ section, it is possible that the JumpCloud console may have created duplicated entries for some fields. In our example, it duplicated âemailâ and âemail_verifiedâ.
Make sure you have removed any duplicated entries and click âSaveâ.
Go to the âUser Groupsâ tab.
Check the box next to the group of person that should be allowed to connect to the Riot Administration, and click Save. Since this application is meant to be accessed by all employees, you can assign the group âAll Usersâ.
The second application is now created, and should appear on the User Portal for the persons who are members of the group which was assigned.
