Authenticate user access to applications with OneLogin

You can authenticate user access to applications with the OneLogin service.

Before you begin

You must have a OneLogin account. If you do not, see https://www.onelogin.com for more information.

How to

  1. Log in to you OneLogin portal.
    1. Click Apps > Add Apps
      OneLogin Add Apps option


    2. On the Find Applications page, search for SAML Test Connector (IDP w/ attr w/ sign response) and click on it.
      OneLogin Find Applications menu


    3. On the application page, click SAVE.
      Save the Add SAML Test Connector page


    4. A new page appears. Click the Configuration tab and fill in this information:
      Configuration tab fields to complete


      Note: The values in this table are only examples. The actual values for the Audience, URL Validator, and the URL fields must match the values of the OneLogin instructions specified in your EAA admin portal.
    5. Click Parameters and select MemberOf from the Value field and click SAVE.
      Select Edit Field Member Of value


    6. Select @SAML Metadata from the MORE ACTIONS tab to download the metadata file to your computer. You will add this file to the EAA configuration.
      MORE ACTIONS tab


    7. Click SAVE and return to the EAA management portal.
  2. Log in to the EAA Management Portal if you have not already done so.
    1. From the top menu bar, select Identity > Directories.
    2. To add a new directory, click Add Directory. The Create New Directory window appears.
    3. Enter a name and description, and select OneLogin from the Directory Type menu. For more information about supported directory services, see Directories.
    4. Click Create Directory and Configure. The configuration page appears.
    5. Enter your company name in the URL field as it appears after the OneLogin host when you connect to OneLogin.
    6. In the Upload IDP Metadata File field, upload the OneLogin metadata file that was saved in Step 1f.

Next steps

At this point, your OneLogin directory is connected to the EAA Cloud. When securing an additional application with the Enterprise Application Access service, select this new directory as the AUTHENTICATION source while configuring the application. If an application is already associated with the your Microsoft Active Directory, you need to click on the CHANGE SERVICE button in the Authentication page to select your SAML provider as the authentication source.