Authenticate user access to applications with OneLogin
You can authenticate user access to applications with the OneLogin service.
You must have a OneLogin account. If you do not, see https://www.onelogin.com for more information.
Before you begin
Log in to your OneLogin
On the Find Applications page, search for SAML Test Connector (IDP w/ attr w/ sign response) and click on
On the application page, click SAVE.
A new page appears. Click the Configuration tab and fill in this information:

Configuration tab fields to complete

| Field | Value |
| --- | --- |
| Relay State | Leave it blank |
| Audience | https://YOUR-IDP-NAME.login.go.akamai-access.com/saml/sp/response |
| Recipient | Leave it blank |
| ACS (Consumer) URL Validator | https://YOUR-IDP-NAME.login.go.akamai-access.com/saml/sp/response |
| ACS (Consumer) URL | https://YOUR-IDP-NAME.login.go.akamai-access.com/saml/sp/response |
| Single Logout URL | Leave it blank |

Note: In the table above, YOUR-IDP-NAME is the name of your IdP. For example, if YOUR-IDP-NAME is oneloginidp, then the values for Audience, ACS (Consumer) URL Validator, and ACS (Consumer) URL are https://oneloginidp.login.go.akamai-access.com/saml/sp/response. This is just an example. The actual values for the Audience, URL Validator, and URL fields must match the values given in the OneLogin instructions in your EAA admin portal.
Click Parameters and select MemberOf from the Value field and click SAVE.
Select @SAML Metadata from the MORE ACTIONS tab to download the metadata file to your computer. You will add this file to the EAA configuration.
- Click SAVE and return to the EAA management portal.
Log in to the EAA Management Portal if you have not already done so.
- From the top menu bar, select .
- To add a new directory, click Add Directory. The Create New Directory window appears.
- Enter a name and description, and select OneLogin from the Directory Type menu. For more information about supported directory services, see Directories.
- Click Create Directory and Configure. The configuration page appears.
- Enter your company name in the URL field as it appears after the OneLogin host when you connect to OneLogin.
- In the Upload IDP Metadata File field, upload the OneLogin metadata file that was saved in Step 1f.
At this point, your OneLogin directory is connected to the EAA Cloud. When securing an additional application with the Enterprise Application Access service, select this new directory as the AUTHENTICATION source while configuring the application. If an application is already associated with your Microsoft Active Directory, click the CHANGE SERVICE button on the Authentication page to select your SAML provider as the authentication source.