OneLogin SAML

Step-by-step guide to configure Single Sign-on with OneLogin as the Identity Provider.

1. Creating Enterprise Application

Login to your OneLogin Portal. Go to Applications→ Applications.

Locate Applications

Click on Add App.

Click on Add App

In the Find Application search box, type in SAML Custom Connector (Advanced), and select it from the drop down list.

Select SAML Custom Connector from drop down (GIF)

Give your app a name that reflects the application you'll be connecting it to, so users can easily recognize it in their OneLogin portal., select your icon (optional) and then click on Save.

Click on Save

2. SAML Configuration

On the Application page click on Configuration.

Locate Configuration

From your SSO Configuration Portal, copy the ACS (Consumer) URL. Go back to your OneLogin Admin Portal, and paste it in the Recipient and ACS (Consumer) URL Validator fields.

Copy ACS (Consumer) URL on SSO Configuration Portal

OneLogin Admin Portal

Paste it in Recipient, ACS URL Validator, and ACS(Consumer) URL fields on OneLogin Admin Portal

Similarly, copy the Audience (Entity ID) from your SSO Configuration Portal. Go back to your OneLogin Admin Portal, and paste it in the Audience (EntityID).

Copy Audience (Entity ID) on SSO Configuration Portal

Paste copied URL in Audience (EntityID) on OneLogin Admin Portal

Click on Save.

Locate Save

3. Attribute Mapping

Go to the Parameters tab on OneLogin Admin Portal, and click on the plus (+) sign to add attributes.

Locate Parameters tab

Check the Attribute Mapping section in the SSO Configuration Portal, and carefully map the exact same attributes on your OneLogin Admin Portal.

Check attributes on SSO Configuration Portal

Paste attributes on OneLogin Admin Portal

4. Assign User/Group

Go to the Users tab.

Locate Users under Users tab

Click the user you want to assign to the application.

Select user to assign

Click on the Applications tab. Click on the + sign to assign the newly created application.

Add application to previously selected user

Select the newly created application from the drop down, and click on Continue.

Select application from drop-down

Click on Save.

Save user assignment to application

5. Upload IdP Metadata URL

On OneLogin Admin Portal, click on SSO. Copy the Issuer URL.

Copy Issuer URL on OneLogin Admin Portal

Under Identify Provider Configuration, select Configure using Metadata URL, and paste it under App Federation Metadata URL on the SSO Configuration Portal.

Paste Issuer URL on SSO Configuration Portal

6. Test Connection

Click on Test Connection. If everything is done correctly, you will see a Success response as shown below.

If the connection fails, you’ll see an error, the reason for the error, and a way to solve that error right on the screen.

Test SSO Configuration

7. Enable Connection

Click on Enable Connection. This will let all your selected users login to the new application via your OneLogin Admin Portal SSO.

Enable SSO on Onelogin Admin Console

With this, we are done configuring your OneLogin Admin Portal application for an SSO login setup.