BlueJeans cloud application

You must be signed in as a super administrator for this task.

Using Security Assertion Markup Language (SAML), your users can use their Google Cloud credentials to sign in to enterprise-cloud applications.

Set up SSO via SAML for BlueJeans

Here's how to set up single sign-on (SSO) via SAML for the BlueJeans® application.

Step 1: Set up BlueJeans as a SAML 2.0 service provider (SP)
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Security and then Set up single sign-on (SSO).

    To see Security, you might have to click More controls at the bottom. 

  3. Click the Download button to download the Google IdP metadata and the X.509 Certificate.
  4. In a new browser tab, log into your BlueJeans application as an administrator.
  5. Under the Admin tab, go to Security.
  6. Click the SAML Single Sign On radio button under Authentication Options.
  7. Copy the Google Single Sign-On URL (see Step 5 below) from the BlueJeans cloud application and paste it into the SAML Login URL field.
  8. Filling in the Logout URL field is optional. You can leave it empty. 
  9. To fill in the Certificate Path, click the Choose File button to select the Google X.509 certificate you downloaded in Step 3.
  10. Click Save and proceed to the next section to set up Google as a SAML identity provider (IdP).
Step 2: Set up Google as a SAML identity provider (IdP)
  1. In a new browser tab, 
    Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Apps and then SAML Apps.

    To see Apps on the Home page, you might have to click More controls at the bottom. 

  3. Click the plus (+) icon in the bottom corner.
  4. Select the BlueJeans item from the list. The values on the Google IDP Information page automatically populate.
  5. There are two ways to collect the service provider Setup information: you can copy the Entity ID and the Single Sign-On URL field values and download the X.509 Certificate, paste them into the appropriate service provider Setup fields, and then click Next, or you can download the IDP metadata, upload it into the appropriate service provider Setup fields, and then  come back to the admin console and click Next.
  6. In the Basic application information window, the Application name and Description values automatically populate.
  7. Click Next.
Step 3: Enter service provider details in Google Admin console
  1. In the Service Provider Details section, enter the following URLs into the Entity IDACS URL, and Start URL fields:
            ACS URL: https://bluejeans.com/sso/saml2/
            Entity ID: http://samlsp.bluejeans.com
            Start URL: your-instance-relay-state-parameter
  2. Leave Signed Response unchecked.
    When the Signed Response checkbox is unchecked, only the assertion is signed. When the Signed Response checkbox is checked, the entire response is signed.
  3. The default Name ID is the primary email. Multi-value input is not supported.
  4. Click Next.
  5. Click Add new mapping and map the attribute value "Mailpath" to Basic Information > Primary Email
  6. In the drop-down list, select the Category and User attribute to map the attribute from the Google profile.
  7. Click Finish.
Step 4: Enable the BlueJeans app
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Apps and then SAML Apps.

    To see Apps on the Home page, you might have to click More controls at the bottom. 

  3. Select BlueJeans.
  4. At the top right of the gray box, click Edit Service Compose.

  5. To apply settings to all organizations, click On for everyone or Off for everyone, and then click Save

  6. To apply settings to individual organizational units, do the following: 

    • At the left, select the organizational unit that contains the users whose settings you want to change.
    • To change the setting, select On or Off.
    • To keep the setting the same, even if the parent setting changes, click Override.
    • If the organization's status is already Overridden, choose an option:
      Inherit—Reverts to the same setting as its parent.
      Save—Saves your new setting (even if the parent setting changes).

    Learn more about the organizational structure.

  7. Ensure that your BlueJeans user account email IDs match those in your Google domain.
Step 5: Verify that the SSO is working
  1. Open https://your-domain-name.bluejeans.com. You should be automatically redirected to the Google sign in page.
  2. Enter your sign in credentials.
  3. After your sign in credentials are authenticated you will be automatically redirected back to BlueJeans.
Was this helpful?
How can we improve it?