SAML integration in OneLogin

This guide describes the steps required to create a working SAML integration between OneLogin and GoBright. Unless a step says otherwise, the steps below are configured in the OneLogin admin portal.

1. Create a custom SAML connector

In the OneLogin administration portal, add an application ‘SAML Custom Connector (Advanced)’. This is the application that handles the SAML login flow to GoBright.

2. Configure SSO & Parameters
  • In the OneLogin admin portal, go to the tab ‘SSO’
  • Set ‘SAML Signature Algorithm’ to ‘SHA-256’
  • Save the settings
  • Go to the tab ‘Parameters’
  • Add at least the claim for the ‘Name’ of the user:
      • Claim name: ‘http://schemas.xmlsoap.org/claims/CommonName’
      • Value: ‘Name’
      • Flags: check the checkbox ‘Include in SAML assertion’
3. Configure SSO
  • Download the ‘SAML Metadata’ file
  • Open the downloaded file in a text editor and take the following two values: ‘X509Certificate’ and ‘HTTP-Redirect’. You will need both values in the next step
4. Create integration
  • In the GoBright admin portal, go to the menu ‘Integrations’
  • Open the existing ‘SAML’ integration, or create a new integration of type ‘SAML’
  • Now fill in the values from the previous step:
      • ‘HTTP-Redirect’ should be pasted into ‘Single Sign-on service url’
      • ‘X509Certificate’ should be pasted into ‘Token-signing certificate (Base64)’
  • Now take the following values from the integration page; they are needed in the OneLogin admin portal:
      • ‘Relying party identifier / Entity Id’
      • ‘Reply URL (Assertion Consumer Service URL)’
      • ‘Direct login url’
  • Save the settings
5. Configure SSO
  • In the OneLogin admin portal, go to the tab ‘Configuration’
  • Paste the three values from the previous step into the related fields
  • Set ‘SAML initiator’ to ‘Service Provider’
  • Save the settings

Next

Proceed to step 3 of the SAML2 federated identity integration article and finish your SAML integration.
