1. Home
  2. Other Releases
  3. On-premises 5.2
  4. Guides
    1. Start
    2. Administer
    3. Analyze
    4. Configure
    5. Deploy
    6. Install
    7. Migrate
    8. Secure
      1. Incorta Security Guide
      2. Secure Communication and Data
      3. Secure Access
        1. Monitor Logins and Access
        2. Use Incorta Login (Self-Sync)
        3. Setting the Session Timeout
        4. Use OneLogin SSO
        5. Use Directory Services SSO
        6. Use ADFS SSO
        7. Use IBM CIS SSO
        8. Use Okta SSO
        9. Mobile SSO
        10. Configure LDAP
        11. Enable and Test SSO
        12. User Management
      4. Secure Objects and Business Data
    9. Upgrade
    10. Content Manager
  5. Tours
  6. Concepts
  7. Tools
  8. References
  9. Integrations
  10. Data applications
  11. Releases

Use OneLogin

To enable single sign on (SSO) using OneLogin, you must configure OneLogin SAML Test Connector ldP application and Incorta.

Perform the following steps for each tenant using OneLogin.

  1. Configure OneLogin, see Configure OneLogin.
  2. Modify the onelogin-conf-samele.properties file and rename it, see Create a Configuration file a Configuration file).
  3. Modify the server.xml file to reference the DS configuration file. See Modify server.xml.
  4. Restart Incorta.
  5. Configure OneLogin SSO and Incorta. See Configure OneLogin SSO and Incorta.
  6. Create a user in OneLogin. See Create a user in OneLogin.
  7. Create a user in Incorta. See Create a user in Incorta.

Configure OneLogin SSO

Use the following steps to configure OneLogin:

  1. Navigate to your OneLogin Admin page.
  2. Create a new application "SAML Test Connector (ldP)".
  3. Change the name to the tenant name and save.
  4. Navigate to the OneLogin Configuration tab.
  5. Add the ACS (Consumer) URL Validator. When running on localhost, for example, http://localhost:8080/incorta/!demo.
  6. Add the ACS (Consumer) URL. This is the URL that directs you to single sign on and logs you into Incorta. For example, http://localhost:8080/incorta/!demo.
  7. Add the Single Logout URL. For example: http://localhost:8080/incorta/!demo/#/authservice/logout.
  8. From the Parameters tab, add the parameter "loginName" and set its value to Username.
  9. Open Single Logout URL and select SAML metadata to download the generated properties configuration file.

Configure OneLogin SSO and Incorta

  1. After installing Incorta, navigate to <Incorta_Installation>server/lib which contains the incorta.onelogin.valv-1.0.jar file.
  2. Update the server.xml file located in <Incorta_Installation>server/config with the following properties:
    <Valve LoggingEnabled="true" className="com.incorta.sso.valves.OneLoginValve" confFilesMap="demo=/home/aya/Downloads/demo.properties"/>. Demo represents the path to the demo.properties file and must be changed to reflect the actual path to the demo.properties file.
  3. Update properties with your port number.
  4. Enable SSO from the TMT (./tmt.sh -u <tenant name> sso-login-enable true -clnm <cluster-name>).
  5. Stop and start the Incorta server.
  6. Sign in to http://localhost:port/incorta/!tenant/.

You are redirected to the https://admin.us.onelogin.com/apps page to authenticate with your username and password. You are then redirected to the Incorta home page and logged on without supplying an Incorta username and password.

Create a user in OneLogin

  1. Navigate to the OneLogin Admin page.
  2. From the Users tab, choose All Users.
  3. Select New User.
  4. Add the new user data and select Save User.
  5. Navigate to the Application tab and the previously created application.

Create a user in Incorta

Create a user with the same login name and email used to create the new user in OneLogin.