Configuring OneLogin SSO
nOps currently supports external SSO via OneLogin. Follow the procedures below to configure OneLogin SSO.
Pre-Condition to Enable SSO
- Make sure the “SSO” is enabled from nOps admins dashboard for the client.
- Sign up and Create OneLogin App.
- Sign up on the OneLogin website.
- Go to the “Applications” page from the menu.
- Click on “Add App.”
- Search for “SAML Test Connector (IdP w/ attr w/ sign response).”
- Click on it once searched. You can change icons and set any display name.
- Click on SAVE.
- Once saved, you will see new tabs on left side.
- Click on SSO.
- Now you need to copy some configurations from this screen to nOps’ SSO settings.
- Configuring OneLogin on nOps.
- Log in to nOps and go to settings
- Click on the SSO settings tab in the left navigation.
- Now some configurations need be copied from OneLogin and pasted in nOps’ SSO settings.
- From OneLogin configuration screen, copy “Issuer URL (EntityId)” and “SAML 2.0 Endpoint (HTTP).”
- Paste it on nOps’ SSO settings form fields “Issuer URL (EntityId)” and “SAML 2.0 Endpoint(HTTP).”
- Copy “X.509 Certificate” from OneLogin and paste it on nOps “X.509 Certificate” field on SSO Settings.
- For the Certificate, please use one-line format tool below if needed.
- Click on “Setup” and the setup should succeed.
- Close and re-open “SSO settings” popup. Then it should populate values for “AssertionConsumerService” and “EntityId.”
- Adding “AssertionConsumerService” and “EntityId” in OneLogin.
- From nOps’ SSO settings form, copy “AssertionConsumerService” and “EntityId.”
- On OneLogin app setting, open “Configuration” tab.
- Paste “EntityId” into Audience.
- Paste “AssertionConsumerService” to “Recipients,” ACS (Consumer) URL*,“ and “ACS (Consumer) URL Validator*” fields.
- Click SAVE, and you will get redirected to “Info” tab.
Adding Users on OneLogin
- Open the “Users” screen from the top navigation and click on “New User” button.
- Fill out the form and click “Save user” button.
- Go to the “Applications” tab on “Users” and click on “+” icon on “Applications.”
- Add the application that you just created so that this user can have access to it.
- Click on “More Actions” dropdown and click “Send Invitation.”
- Follow the invitation and set a password.
- When the user logs in to OneLogin, they should see the app.
- Clicking on the app takes them to nOps as a logged-in user.