How to integrate SSO in nOps

For nOps:

Enable SSO Feature on Admin page (It’s disabled by default).

nops-integate-sso-01

Then click Save.

OneLogin Documentation from OneLogin: https://developers.onelogin.com/saml/python

For Client:

On OneLogin, Add new Application

nops-integate-sso-02

With SAML Test Connector

nops-integate-sso-03

Copy Issuer URL

nops-integate-sso-04

Go go nOps SSO Settings Enter provided information setting from OneLogin.

nops-integate-sso-05

On nOps SSO settings page, copy ACS and Entity Id into

nops-integate-sso-06

Entity Id into Audience, ACS to Recipient and ACS (Consumer) URL*

nops-integate-sso-07

Add new User into One Login

nops-integate-sso-08

Provide the user with access permission to a new Application.

nops-integate-sso-09

After user sign in into OneLogin Portal. They can click on Application to get access to nOps.

nops-integate-sso-10

On first time user login via SSO, they need to confirm permission via email address.

nops-integate-sso-11

Okta https://help.okta.com/en/prod/Content/Topics/Apps/Apps_App_Integration_Wizard_SAML.htm

Add new Application Integration

nops-integate-sso-12

Select Platform Web, Sign on method SAML 2.0

nops-integate-sso-13

Choose the Application name

nops-integate-sso-14

Go to the SSO Settings page in nOps and copy these values

nops-integate-sso-15

Into the SAML Settings of Okta

nops-integate-sso-16

Select the Attribute Statements (REQUIRED), if you don’t configure it nOps SSO won’t work.

Use the following configuration (case sensitive)

User.email -> user.email User.FirstName -> user.firstName User.LastName -> user.lastName

nops-integate-sso-17

In the next step select it as an internal app

nops-integate-sso-18

After creating application, click on the View Setup Instructions

nops-integate-sso-19

  • Copy Identity Provider Single Sign-On URL from Okta to SAML 2.0 End Point on nOps
  • Identity Provider Issuer from Okta to Issuer URL
  • Copy X.509 Certificate into nOps

nops-integate-sso-20

nops-integate-sso-21

Assign the User into Application

nops-integate-sso-22

The user can login via Okta now.

nops-integate-sso-23

On first time user login via SSO, they need to confirm permission via email address.

nops-integate-sso-24