About this article
This article describes how an organization can set up SSO with OneLogin utilising SAML2 protocol. You will find the following main sections in this support article:
Prerequisites
|
Configuring OneLogin
- Go to "Apps" and "Add Apps"
- Search for "SAML"
- Choose "SAML Test Connector (Advanced)"
- Name it Templafy (and add an icon if you want)
- Click Save
- Go to "Configuration" an fill out the below SAML settings and hit "Save"
SAML Settings
Templafy One
Metadata URL
https://app.templafy.com/AuthServices Audience /Recipient
https://app.templafy.com/AuthServices ACS (Consumer) URL Validator / ACS (Consumer) URL
https://app.templafy.com/AuthServices/Acs Login URL
https://CLIENTSUBDOMAIN.templafy.com Hash function to use for digital signing at IdP
SHA-256 User Identifier
mail Templafy Hive
Metadata URL
Prod0:
https://templafyprod0.auth.templafy.com/auth/saml2/auth-services
West Europe:
https://templafyprod1.auth.templafy.com/auth/saml2/auth-services
East US:
https://templafyprod2.auth.templafy.com/auth/saml2/auth-servicesEast Australia:
https://templafyprod3.auth.templafy.com/auth/saml2/auth-servicesAudience/ Recipient
https://auth.templafy.com/auth/saml2/auth-services ACS (Consumer) URL Validator
/
ACS (Consumer) URLProd0:
https://templafyprod0.auth.templafy.com/auth/saml2/auth-services/Acs
West Europe:
https://templafyprod1.auth.templafy.com/auth/saml2/auth-services/Acs
East US:
https://templafyprod2.auth.templafy.com/auth/saml2/auth-services/AcsEast Australia:
https://templafyprod3.auth.templafy.com/auth/saml2/auth-services/AcsLogin URL
https://CLIENTSUBDOMAIN.hive.templafy.com or https://CLIENTSUBDOMAIN.templafy.com Hash function to use for digital signing at IdP
SHA-256 User Identifier
mail - Click "Parameters"
- Click "The Plus Icon"
- In "field name", write "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"
- Tick off "Include in SAML assertion"
- Click "Save"
- Click the newly created parameter
- Set "Value" to "Email"
- Click "Save"
- Click "SSO"
- Change "SAML Signature Algorithm" to "SHA-256"
- Remember to "Save"
- Copy "Issuer URL" and send it to Templafy
Attribute Statements (Optional)
For setting up additional claims please see the article below for information about the schema setup. This is to be configured under "Parameters" of this guide: Supported claims and clams rules
Configuring Templafy
- Please provide Templafy with your "Issuer URL" found under "SSO" in the App settings.
- The following are needed to configure Templafy and are available in the metadata.xml.
- Identity Provider Single Sign-On URL (HTTP-POST)
- Identity Provider Issuer
- X 509 Certificate
Comments
0 comments
Article is closed for comments.