Configuring OneLogin SSO
nOps currently supports external SSO via OneLogin. Follow the procedures below to configure OneLogin SSO.
Pre-Condition to Enable SSO
Make sure the “SSO” is enabled from nOps admins dashboard for the client.
Signup and Create Onelogin App.
Signup on the one-login web.
Go to the “Applications” page from the menu.
Click on “Add App”
Search for “SAML Test Connector (Advanced)”
Click on it once searched. You can change icons and set any display name.
Click on SAVE
Once saved, you will see new tabs on left side.
Click on SSO
Now you need to copy some configurations from this screen to nOps SSO settings.
Configuring onelogin on nOps.
Login into nOps and go to “SSO setting” on settings screen.
Now some configurations need to be copied from onelogin and pasted in nOps SSO settings.
From Onelogin configuration screen , Copy “Issuer URL (entityId)” and “SAML 2.0 Endpoint (HTTP) “
PASTE it on nOps SSO settings form fields “Issuer URL (entityId)” and “SAML 2.0 Endpoint(HTTP)”
Copy “X.509 Certificate” from Onelogin and Paste it on nOps “X.509 Certificate” field on SSO Settings.
For the Certificate, Please use one line format tool below if needed.
Click on “SETUP” and the setup should succeed.
Refresh the SSO page on nOps then it should populate values for “AssertionConsumerService” and “EntityId” if those are not populated already.
Adding “AssertionConsumerService” and “EntityId” in Onelogin.
From nOps SSO settings form copy “AssertionConsumerService” and “EntityId” .
On Onelogin app setting open “Configuration” tab.
Paste “EntityId” into Audience
Paste “AssertionConsumerService” to “Recipient”, “ACS (Consumer) URL* and “ACS (Consumer) URL Validator* ” fields
Click SAVE and you will get redirected to “Info” tab.
Adding Parameters on OneLogin.
Go to Parameters from left side.
Click on “Add new field”
Enter field name : User.email
Check on Include in SAML assertion box
In Value field enter Email
Repeat the same thing for field User.FirstName and Check on Include in SAML assertion box and value First Name
Repeat same thing for field User.LastName and Check on Include in SAML assertion box and value Last Name
Adding Users on Onelogin
Open the “Users” screen from the top navigation and click on “New User” button.
Fill out the form and click “Save user” button
Go to the “Application” tab on user and click on “+” icon on applications.
Add the application that you just created so that this user can have access to it.
Click on “More Actions” dropdown and click “Send Invitation”
Follow the invitation and set a password.
When the user login into Onelogin then they should be seeing the app.
Clicking on the app takes them to nOps and ask them to confirm SSO login by confirming in email URL.
After confirming with the URL in EMAIL they should be able to login.