SSO: OneLogin Integration

An implementation guide to OneLogin SSO integration in ERIN

Create a OneLogin application

1. On the OneLogin portal page (https://your-domain.onelogin.com/portal/), choose Administration.

2. At the top of the Administration page, pause on Apps, and then choose Add apps.

3. In the search bar under Find Applications, enter "saml", and then choose SAML Custom Connector (Advanced).

4. (Optional) Do any of the following:
* For Display Name, enter a name and description. For example, "ERIN SAML".
* For Rectangular Icon and Square Icon, upload thumbnail icons following the specifications on the page.
* For Description, enter a short summary description. For example, "For Amazon Cognito user pool".

Edit your OneLogin application configuration

1. Choose Configuration.

2. On the Configuration page, do the following:
* For RelayState, enter https://app.go.erinapp.com.
* For Audience, enter the Identifier (Entity ID) provided. Example: urn:amazon:cognito:sp:yourUserPoolId.
* Leave Recipient blank.
* For ACS (Consumer) URL Validator, enter the Reply URL (Assertion Consumer Service URL) provided. Example: https://yourDomainPrefix.auth.region.amazoncognito.com/saml2/idpresponse.
* For ACS (Consumer) URL, enter the Reply URL (Assertion Consumer Service URL) provided. Example: https://yourDomainPrefix.auth.region.amazoncognito.com/saml2/idpresponse.
* Leave Single Logout URL blank.

Edit your OneLogin application's parameters

1. Choose Parameters.
Note: One parameter (NameID (fka Email)) is already listed—this is expected.
2. Choose Add parameter to create a new, custom parameter.
3. In the New Field dialog, for Field name, enter http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

4. For Flags, select the Include in SAML assertion check box.
5. Choose Save.
6. For Value, choose Email from the list.
7. Choose Save.
8. Repeat these steps for the following values and all other desired attribute mappings.
* Field Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname, Value: Last Name
* Field Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname, Value: First Name
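
To confirm the configuration and parameters above took effect, you can inspect a decoded SAML assertion from a test login. The following is an added example, not part of the original guide or of ERIN's or OneLogin's code: the function names check_assertion and build_sample are hypothetical, the sample assertion is constructed, and the Audience and ACS URL are the guide's placeholder values. It checks content only and does not verify the XML signature.

```python
import xml.etree.ElementTree as ET  # for untrusted XML, prefer the defusedxml package

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
REQUIRED = [CLAIMS + n for n in ("emailaddress", "surname", "givenname")]
# Placeholder values copied from the guide; substitute the ones provided to you.
AUDIENCE = "urn:amazon:cognito:sp:yourUserPoolId"
ACS_URL = "https://yourDomainPrefix.auth.region.amazoncognito.com/saml2/idpresponse"


def build_sample(attrs, audience=AUDIENCE, recipient=ACS_URL):
    """Constructed (not captured) unsigned assertion, for demonstration only."""
    items = "".join(
        f'<saml:Attribute Name="{k}"><saml:AttributeValue>{v}</saml:AttributeValue></saml:Attribute>'
        for k, v in attrs.items())
    return (
        f'<saml:Assertion xmlns:saml="{NS["saml"]}"><saml:Subject>'
        f'<saml:NameID>jane@example.com</saml:NameID><saml:SubjectConfirmation>'
        f'<saml:SubjectConfirmationData Recipient="{recipient}"/>'
        f'</saml:SubjectConfirmation></saml:Subject><saml:Conditions>'
        f'<saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>'
        f'</saml:AudienceRestriction></saml:Conditions>'
        f'<saml:AttributeStatement>{items}</saml:AttributeStatement></saml:Assertion>')


def check_assertion(xml_text, audience=AUDIENCE, acs_url=ACS_URL):
    """Return a list of configuration problems; an empty list means none found."""
    root = ET.fromstring(xml_text)
    problems = []
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if audience not in audiences:
        problems.append(f"Audience {audiences} does not include {audience}")
    recipients = [d.get("Recipient") for d in root.iterfind(".//saml:SubjectConfirmationData", NS)]
    if acs_url not in recipients:
        problems.append(f"Recipient {recipients} does not match ACS URL")
    # Map each attribute name to its non-empty values.
    present = {a.get("Name"): [v.text for v in a.iterfind("saml:AttributeValue", NS)
                               if v.text and v.text.strip()]
               for a in root.iterfind(".//saml:Attribute", NS)}
    for name in REQUIRED:
        if not present.get(name):
            problems.append(f"Missing or empty attribute: {name}")
    return problems


if __name__ == "__main__":
    good = build_sample({REQUIRED[0]: "jane@example.com", REQUIRED[1]: "Doe", REQUIRED[2]: "Jane"})
    print(check_assertion(good))  # no problems
    bad = build_sample({"Email": "jane@example.com"}, audience="urn:amazon:cognito:sp:other")
    print(check_assertion(bad))   # wrong audience, three claims missing
```

An attribute that appears under a short name such as "Email" instead of the full claim URI is reported as missing, which is the usual symptom of a mistyped Field name in the Parameters step.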