OneLogin | SAML

1. Display name

Choose a name for your identity provider. This is the user-facing name, so choose a name your users will recognize. This value can be changed later.

 

2. Redirect Mode

Select how the user will be redirected to the identity provider. You may configure more redirect modes after completing the setup.

 

3. Prepare IDP

In this step, we will configure OneLogin to work with Kantega SSO. For this, you will need to copy the ACS (Consumer) URL and ACS (Consumer) URL Validator provided. You will use this when setting up OneLogin.

 

Configure OneLogin

external

If you are using SCIM with your provider, make sure to check out the documentation for configuring this before proceeding. It might be that you need to configure this first or at the same time as setting up SAML.

Sign in to the OneLogin Admin Console, navigate to Applications > Add App, and search for Kantega SSO.

Give the application a name and save.

Go to the Configuration tab for your app and paste the ACS (Consumer) URL and the ACS (Consumer) URL Validator aquired from the Kantega SSO wizard.

In the Access tab, you can specify which roles should have access to the application. You can also give access to only certain users. You may also add the applictaion to certain users in the Users list in OneLogin.

Save your changes, open the More actions dropdown and copy the SAML Metadata url. This will be needed in the next step of the Kantega SSO wizard.

 

Go back to the Kantega SSO wizard.

4. Metadata

Paste the SAML Metadata URL from the previous step into the Metadata XML file published online (URL).

 

5. Redirect URL

he Redirect URL should be imported automatically from the metadata document. If this does not happen, you will be prompted to upload a certificate. This can be found under the SSO tab in OneLogin.

 

6. Certificate

This step shows the certificate used to validate the SAML messages.

 

7. Summary

Check that everything looks good and submit your setup

 

Test

Test that logging in with One Login works as expected. This will help identify if there are any issues with the configuration. Follow the steps to perform the login test.