This article is to be used in conjunction with Adding a New SAML Authenticator & Enabling Single Sign On
- Sign in to OneLogin as a OneLogin Administrator.
- Navigate to and click on Applications on the navigation menu.
- Search for SAML, and select SAML Test Connector (IdP w/ attr w/ sign response).
- Under Configuration, input the following information:
- Leave RelayState blank
- Under Audience, enter the ServiceProvider value as it will be set in Intelligencebank Authenticator page. e.g. IB
- Under Recipient, enter the platform URL and append /auth at the end of it.
- Under ACS (Consumer) URL Validator, enter .*
- Under ACS (Consumer) URL, enter the platform URL and append /auth?acs at the end of it.
- Under Single Logout URL, enter the platform URL and append /auth?sls at the end of it.
- Under SSO, copy and paste the following information into IntelligenceBank's Authenticators area, under a new authenticator:
- Issuer URL into Name and Host.
- SAML 2.0 Endpoint (HTTP) into Remote URl (only require if users are to access IntelligenceBank from another location, e.g. your intranet or the OneLogin portal, via Single Legged authentication).
- SLO Endpoint (HTTP) into SingleLogoutService.
- Under X.509 Certificate field, click View Details. Copy and paste X.509 Certificate value into CertData, and Fingerprint value into CertFingerprint.
- Add the users that should be able to login to IntelligenceBank under Users.
- You can set the values to be passed on in the assertion, including a Permission Group Mapping field under Parameters. Make sure Email (SAML NameID) is enabled.
- Save.
- In IntelligenceBank, when ready to turn the Authenticator on, update it to "Disabled" = Off. All users will be enabled as SSO Users by default. To disable SSO authentication for select users, go to their user profile, and enable the IntelligenceBank Login option.
Comments
0 comments
Please sign in to leave a comment.