SAML integration in OneLogin

This guide describes the steps required to create a working SAML integration between OneLogin and GoBright. Unless a step states otherwise, the steps below are configured in the OneLogin admin portal.

  • Go to the OneLogin admin portal
  • Add an application ‘SAML Custom Connector (Advanced)’
    This will be the application which handles the SAML login flow to GoBright.

  • In the OneLogin admin portal, go to the tab ‘SSO’
  • Set ‘SAML Signature Algorithm’ to ‘SHA-256’
  • Save the settings
  • Go to the tab ‘Parameters’
  • Add at least the claim for the ‘Name’ of the user:
    Claim name: ‘http://schemas.xmlsoap.org/claims/CommonName’
    Value: ‘Name’
    Flags: check the checkbox ‘Include in SAML assertion’

  • Go back to the tab ‘SSO’
  • Gather the value of the SAML 2.0 Endpoint (HTTP). You will need this value later on.
  • At X.509 Certificate, click on ‘View Details’ and download the ‘SAML Metadata’ file
  • Open the downloaded file in a text editor. You will need this later on.

  • Go to the GoBright Admin Center and click on ‘Integrations’
  • Open an existing ‘SAML’ integration or create a new integration of type ‘SAML’
  • Fill in these items with the values gathered in step 3:
    • At ‘Single Sign-on service url’ paste ‘HTTP-Redirect’ / SAML 2.0 Endpoint (HTTP)
    • At ‘Single Sign-out service url’ also paste ‘HTTP-Redirect’ / SAML 2.0 Endpoint (HTTP)
    • At ‘Token-signing certificate (Base64)’ paste the contents of the downloaded file as text
  • Still on the integration page, gather the following values. You will need these later on:
    • At Service Provider information:
      • ‘Relying party identifier / Entity Id’
      • ‘Reply URL (Assertion Consumer Service URL)’
    • At Processing settings:
      • ‘Direct login url’
  • Save the settings

  • Go to the OneLogin admin portal
  • Go to the tab ‘Configuration’
  • Paste the values gathered in the previous step:
    • At Audience (EntityID) paste ‘Relying party identifier / Entity Id’
    • At ACS (Consumer) URL Validator paste ‘Reply URL (Assertion Consumer Service URL)’
    • At ACS (Consumer) URL also paste ‘Reply URL (Assertion Consumer Service URL)’
    • At Single Logout URL paste ‘Direct login url’
    • At Login URL also paste ‘Direct login url’
  • Set ‘SAML initiator’ to ‘Service Provider’
  • Save the settings
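
To cross-check the values copied by hand in the steps above, the following added example (not code from GoBright or OneLogin) reads a SAML metadata file and returns the HTTP-Redirect sign-on URL and the signing certificate with its SHA-256 fingerprint. It assumes the downloaded file follows the standard SAML 2.0 metadata schema; the function name `read_idp_metadata`, the sample hostnames and the dummy certificate body are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
BINDINGS = "urn:oasis:names:tc:SAML:2.0:bindings:"

# Constructed sample: placeholder hosts; the cert body is dummy base64, not real X.509.
DUMMY_CERT = base64.b64encode(b"constructed-placeholder-cert").decode()
SAMPLE_METADATA = """<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://idp.example.test/saml/metadata/0">
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
   <ds:X509Certificate>
     {cert}
   </ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></KeyDescriptor>
  <SingleSignOnService Binding="{b}HTTP-POST"
      Location="https://idp.example.test/sso/http-post/0"/>
  <SingleSignOnService Binding="{b}HTTP-Redirect"
      Location="https://idp.example.test/sso/http-redirect/0"/>
 </IDPSSODescriptor>
</EntityDescriptor>""".format(cert=DUMMY_CERT, b=BINDINGS)

def read_idp_metadata(xml_text):
    """Return the HTTP-Redirect SSO URL and signing certs from IdP metadata."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("metadata must not contain a DTD")
    idp = ET.fromstring(xml_text).find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor: not IdP metadata")
    sso = [e.get("Location", "") for e in idp.findall("md:SingleSignOnService", NS)
           if e.get("Binding") == BINDINGS + "HTTP-Redirect"]
    if len(sso) != 1 or not sso[0].startswith("https://"):
        raise ValueError("expected exactly one https HTTP-Redirect endpoint")
    certs = []
    for kd in idp.findall("md:KeyDescriptor", NS):
        if kd.get("use", "signing") != "signing":
            continue  # encryption-only key, not used to verify assertions
        for c in kd.findall(".//ds:X509Certificate", NS):
            b64 = "".join((c.text or "").split())  # strip wrapping whitespace
            der = base64.b64decode(b64, validate=True)  # raises on non-base64
            certs.append({"base64": b64, "sha256": hashlib.sha256(der).hexdigest()})
    if not certs:
        raise ValueError("no signing certificate in metadata")
    return {"sso_url": sso[0], "signing_certs": certs}
```

Compare `sso_url` with the value pasted at ‘Single Sign-on service url’, and the `sha256` value with the fingerprint of the certificate you expect the identity provider to sign with.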

Next

Proceed to step 3 of the SAML2 federated identity integration article and finish your SAML integration.

This article comes from the Help Center of GoBright.