OneLogin SSO

Adding SaaS Management to your OneLogin SSO

If your organization uses OneLogin SSO to access applications, you can use it to sign in to SaaS Management as well. To use OneLogin SSO to access SaaS Management, you’ll need to add it as a new SAML application within OneLogin, add the required attributes, and add the connection information for OneLogin to SaaS Management.

Important

You must an admin of your OneLogin account to perform these actions.

Creating a new SAML application for SaaS Management

Important

Before you create a new SAML application in OneLogin, go to Settings > SAML Settings in SaaS Management and copy the Audience and Recipient URL values. You'll need these values when you configure the SAML settings for your new application.

To create a new SAML application:

1. Log in to your OneLogin admin account.

2. From the OneLogin Admin Console, select Applications > Applications.
   
   

3. Select Add App to create a new application.

4. Enter SAML in the search bar and select SAML Test Connector (Advanced).
   
   

5. Enter SaaS Management in the Display Name field and select Save.
   
   

6. Select the Configuration option from the left menu to open the Application details page.
   
   

7. Enter the following values into the appropriate fields:

   • In the Audience (EntityID) field, enter the Audience value that you previously copied from SaaS Management.
   • In the Recipient field, enter the Recipient URL from SaaS Management.
   • In the ACS (Consumer) URL Validator field, enter [-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*). This is a regular expression that validates whether the URL property is properly formed.
   • In the ACS (Consumer) URL field, enter the Recipient URL from SaaS Management.
   • In the Login URL field, enter the Recipient URL from SaaS Management.

8. Select Save to save these settings.

Now you can finish setting up your new SAML app by adding OneLogin attributes to the corresponding SAML attributes that SaaS Management will use.

Adding custom attributes

1. From the SAML Test Connector (Advanced) page, select the Parameters option from the left menu.

2. Select Add parameter () to add a new attribute.
   
   

3. Enter name for the Field name.
   
   

4. Under Flags, select the Include in SAML assertion check box and select Save.
   
   

5. Select - Macro - from the Value dropdown menu.
   
   

6. In the text box, enter {firstname} {lastname} and select Save.
   
   

7. Repeat the above steps to add an attribute named email. Select Email as its value.
   
   

Now you need to add the OneLogin connection information to SaaS Management.

Configuring SaaS Management to use your OneLogin SSO

1. Go to SaaS Management and select Settings from the navigation menu.

2. Select SAML Settings to display the connection fields. In the next step, you'll copy the required information from OneLogin into the appropriate fields.
   
   

3. Return to OneLogin. On the SAML Test Connector (Advanced) page, select the SSO option from the left menu to open the Enable SAML 2.0 page
   
   

4. Copy the value for SAML 2.0 Endpoint (HTTP) and paste it into the Sign In URL field on the SaaS Management SAML Settings page.
   
   

5. In OneLogin, select View Details underneath the X.509 Certificate.
   
   

6. Copy the contents of the certificate and paste them into the Certificate field on the SaaS Management SAML Settings page
   
   

7. To create the connection in SaaS Management, select Add SSO Connection to enable OneLogin to access SaaS Management.

   Dashboard users who have created a SaaS Management account can now sign in to SaaS Management using OneLogin SSO.

   If you want to require all users within your organization to sign in to SaaS Management using OneLogin SSO, select SSO Required.