Configuring OneLogin SSO
nOps currently supports external SSO via OneLogin. Follow the procedures below to configure OneLogin SSO.
Pre-Condition to Enable SSO
- Make sure the “SSO” is enabled from nOps admins dashboard for the client.
- Sign up and Create OneLogin App.
- Sign up on the OneLogin website.
- Go to the “Applications” page from the menu.
- Click on “Add App.”
- Search for “SAML Test Connector (IdP w/ attr w/ sign response).”
- Click on it once searched. You can change icons and set any display name.
- Click on SAVE.
- Once saved, you will see new tabs on left side.
- Click on SSO.
- Now you need to copy some configurations from this screen to nOps’ SSO settings.
Configuring OneLogin on nOps.
- Log in to nOps and go to Settings
- Click on the SSO settings tab in the left navigation.
- Now some configurations need to be copied from OneLogin and pasted in nOps’ SSO settings.
- From OneLogin configuration screen, copy “Issuer URL (EntityId)” and “SAML 2.0 Endpoint (HTTP).”
- Paste it on nOps’ SSO settings form fields “Issuer URL (EntityId)” and “SAML 2.0 Endpoint(HTTP).”
- Copy “X.509 Certificate” from OneLogin and paste it on nOps “X.509 Certificate” field on SSO Settings.
- For the Certificate, please use the one-line format tool below if needed.
- Click on “Setup” and the setup should succeed.
- Close and re-open SSO settings popup. Then it should populate values for AssertionConsumerService and EntityId.
Adding AssertionConsumerService and EntityId in OneLogin.
- From nOps’ SSO settings form, copy AssertionConsumerService and EntityId.
- On OneLogin app setting, open “Configuration” tab.
- Paste EntityId into Audience.
- Paste “AssertionConsumerService” to “Recipients,” ACS (Consumer) URL*,“ and “ACS (Consumer) URL Validator*” fields.
- Click SAVE, and you will get redirected to Info tab.
Adding Users on OneLogin
- Open the Users screen from the top navigation and click on New User button.
- Fill out the form and click Save user button.
- Go to the Applications tab on Users and click on “+” icon on Applications.
- Add the application that you just created so that this user can have access to it.
- Click on More Actions dropdown and click “Send Invitation.”
- Follow the invitation and set a password.
- When the user logs in to OneLogin, they should see the app.
- Clicking on the app takes them to nOps as a logged-in user.