We will create two applications:
The first application “Riot Admin” will allow administrators to connect to https://hub.tryriot.com. This application should only be assigned to Riot administrators.
The second application “Riot Employee Portal” will allow all employees to connect to their personal employee portal at https://portal.tryriot.com. This application can be assigned to all JumpCloud users.
1️⃣ Configuring the Riot Admin application
Connect to your JumpCloud Admin Console, and in the left menu, go to User Authentication > SSO Applications.
Click on the button “Add New Application”.
In the search bar, search for “OIDC”
Click on the search result named “Custom OIDC App”.
Click “Next”.
Enter “Riot Admin” for the “Display Label” field, and make sure the option “Show the application in User Portal” is enabled.
Click “Next”.
Click “Configure Application”.
Enter https://api.tryriot.com/v2/hub/connect/oidc/callback in the Redirect URIs.
Select “Client Secret Basic” for the “Client Authentication Type” option.
In the “Login URL” field, enter the login URL that is being displayed on Riot.
In “Attribute Mapping”, select the two standard scopes: “Email” and “Profile”.
Click “Activate”.
On this page, you can retrieve the two values you will need to enter on the Riot platform: the Client ID and the Client Secret.
Copy the values of these fields and paste them in the corresponding fields on Riot.
Your app is now created. Use the left menu to go to User Authentication > SSO Application, and click on the application “Riot Admin”, and go to the “SSO” tab.
In the “Attribute Mapping” section, it is possible that the JumpCloud console may have created duplicated entries for some fields. In our example, it duplicated “email” and “email_verified”.
Make sure you have removed any duplicated entries and click “Save”.
Go to the “User Groups” tab.
Check the box next to the group of person that should be allowed to connect to the Riot Administration, and click “Save”.
The first application is now created, and should appear on the User Portal for the persons who are members of the group which was assigned.
2️⃣ Configuring the Riot Employee Portal application
Connect to your JumpCloud Admin Console, and in the left menu, go to User Authentication > SSO Applications.
Click on the button “Add New Application”.
In the search bar, search for “OIDC”
Click on the search result named “Custom OIDC App”.
Click “Next”.
Enter “Riot Employee Portal” for the “Display Label” field, and make sure the option “Show this application in User Portal” is enabled.
Click “Next”.
Click “Configure Application”.
Enter https://albert.tryriot.com/portal/auth/oidc/callback in the Redirect URIs.
Select “Client Secret Post” for the “Client Authentication Type” option.
In the “Login URL” field, enter the login URL that is being displayed on Riot.
In “Attribute Mapping”, select the two standard scopes: “Email” and “Profile”.
Click “Activate”.
On this page, you can retrieve the two values you will need to enter on the Riot platform: the Client ID and the Client Secret.
Copy the values of these fields and paste them in the corresponding fields on Riot.
Your app is now created. Use the left menu to go to User Authentication > SSO Application, and click on the application “Riot Employee Portal”, and go to the “SSO” tab.
In the “Attribute Mapping” section, it is possible that the JumpCloud console may have created duplicated entries for some fields. In our example, it duplicated “email” and “email_verified”.
Make sure you have removed any duplicated entries and click “Save”.
Go to the “User Groups” tab.
Check the box next to the group of person that should be allowed to connect to the Riot Administration, and click Save. Since this application is meant to be accessed by all employees, you can assign the group “All Users”.
The second application is now created, and should appear on the User Portal for the persons who are members of the group which was assigned.
