Configuring OneLogin SSO

nOps currently supports external SSO via OneLogin. Follow the procedures below to configure OneLogin SSO.

Pre-Condition to Enable SSO

  • Make sure the “SSO” is enabled from nOps admins dashboard for the client.

Screenshot

For Clients:

  1. Sign up and Create OneLogin App.
  • Sign up on the OneLogin website.
  • Go to the “Applications” page from the menu.
  • Click on “Add App.”

Screenshot

  • Search for “SAML Test Connector (IdP w/ attr w/ sign response).”

Screenshot

  • Click on it once searched. You can change icons and set any display name.
  • Click on SAVE.

Screenshot

  • Once saved, you will see new tabs on left side.
  • Click on SSO.
  • Now you need to copy some configurations from this screen to nOps’ SSO settings.

Screenshot

  1. Configuring OneLogin on nOps.
  • Log in to nOps and go to settings

Screenshot

  • Click on the SSO settings tab in the left navigation.

Screenshot

  • Now some configurations need be copied from OneLogin and pasted in nOps’ SSO settings.
  • From OneLogin configuration screen, copy “Issuer URL (EntityId)” and “SAML 2.0 Endpoint (HTTP).”
  • Paste it on nOps’ SSO settings form fields “Issuer URL (EntityId)” and “SAML 2.0 Endpoint(HTTP).”
  • Copy “X.509 Certificate” from OneLogin and paste it on nOps “X.509 Certificate” field on SSO Settings.
  • For the Certificate, please use one-line format tool below if needed.
  • https://samltool.com/format_x509cert.php
  • Click on “Setup” and the setup should succeed.
  • Close and re-open “SSO settings” popup. Then it should populate values for “AssertionConsumerService” and “EntityId.

Screenshot

  1. Adding “AssertionConsumerService” and “EntityId” in OneLogin.
  • From nOps’ SSO settings form, copy “AssertionConsumerService” and “EntityId.
  • On OneLogin app setting, open “Configuration” tab.
  • Paste “EntityId” into Audience.
  • Paste “AssertionConsumerService” to “Recipients,” ACS (Consumer) URL*,“ and “ACS (Consumer) URL Validator*” fields.
  • Click SAVE, and you will get redirected to “Info” tab.

Screenshot

  1. Adding Users on OneLogin
  • Open the “Users” screen from the top navigation and click on “New User” button.

Screenshot

  • Fill out the form and click “Save user” button.

Screenshot

  • Go to the “Applications” tab on “Users” and click on “+” icon on “Applications.”
  • Add the application that you just created so that this user can have access to it.
  • Click on “More Actions” dropdown and click “Send Invitation.”

Screenshot

  • Follow the invitation and set a password.
  • When the user logs in to OneLogin, they should see the app.
  • Clicking on the app takes them to nOps as a logged-in user.

Screenshot