Guides → OneLogin SSO Configuration

One of the various SSO providers that Incorta supports is OneLogin. OneLogin is a cloud-based identity and access management provider. OneLogin provides an identity platform for secure, scalable, and smart experiences that uses the Security Assertion Markup Language 2.0 (SAML2) protocol.

Configure OneLogin SSO

Use the following steps to configure OneLogin:

  • Go to your OneLogin Admin page.
  • Create a new application "SAML Test Connector (ldP)."
  • Change the name to the tenant name and save.
  • Go to the OneLogin Configuration tab.
  • Add the ACS (Consumer) URL Validator. For example, http://<cloud_cluster_name>.incorta.com/incorta/!demo.
  • Add the ACS (Consumer) URL. This is the URL that directs you to the single sign on page and logs you into Incorta. For example, http://<cloud_cluster_name>.cloud.com/incorta/!demo.
  • Add the Single Logout URL. For example: http://<cloud_cluster_name>.incorta.com/incorta/!demo/#/authservice/logout.
  • From the Parameters tab, add the parameter loginName, and then set its value to Username.
  • Open Single Logout URL, and then select SAML metadata to download the generated properties configuration file.

Configure OneLogin SSO and Incorta

  • In the Incorta CMC, go to Clusters > cluster_name > Tenants > tenant_name.
  • Select Configure.
  • In the Security tab, configure the following properties:
PropertyDescription
Authentication TypeSelect the authentication type to be SSO.
Provider TypeSelect the SSO provider to be SAML2.
Provider configurationsEnter the properties or XML configurations for the SAML2 SSO.
  • Restart the Incorta services.
  • Create a user in OneLogin and use the same username to create a user in Incorta.
  • Sign in to your Incorta tenant you have configured using the username you created.
Important

You will be redirected to the https://admin.us.onelogin.com/apps page to authenticate with your username and password. You are then redirected to the Incorta home page and logged on without supplying an Incorta username and password.