OneLogin Settings

Configure settings to use OneLogin SAML2.0 authentication to log in to ovice account.

 

Advance Preparation

1. Required permissions:

  • OneLogin administrator privileges
  • ovice administrator privileges

2. Click the hamburger menu on the upper left of the ovice screen and select the Space tab on the main menu.
*If you are not the organization owner, you do not need to select the tab.

Screenshot 2023-08-21 at 8.34.36 PM.png

3. Click Space SettingsSpace Access SettingsEmail Authentication under Allow access as a member

4. Select the SSO Authentication tab

Screenshot 2023-08-21 at 8.37.06 PM.png

5. Click the + button of "SAML Authentication Setup"

Screenshot 2023-08-21 at 8.39.16 PM.png

 

6. Enter any name in IdP name

This name will appear on the login screen of your space URL.

7. Choose where to redirect

Select the screen each user is redirected to when they log in.

Space Redirect into space
Lobby Redirect to lobby screen (space list)

 

Other items will be set later, so do not close the ovice setting screen in this state.

 

OneLogin Settings

1. Access the OneLogin admin screen

https://app.onelogin.com/login

2. Click Applications from Applications in the menu bar

Screenshot_2023-03-31_at_9.08.23_AM.png

3. Click Add App

4. Enter SAML in the search window and click SAML Custom Connector (Advanced)

5. Change Display Name to any name and click Save

*The icon image can also be changed.

6. Click SSO in the sidebar

Screenshot_2023-03-31_at_9.14.28_AM.png

7. Copy and paste the OneLogin information to the ovice setting screen prepared in advance

OneLogin setting screen (copy source) ovice setting screen (paste destination)
"View Details" of the X.509 Certificate IdP x509 certificate
Issuer URL Entity ID
SAML 2.0 Endpoints (HTTP) IdP login URL
SLO Endpoint (HTTP) IdP logout URL

 

8. Click Save on the ovice setting screen

Do not close the ovice setting screen in this state, as the displayed reply URL and login URL will be used later.

9. Click Configuration in the OneLogin settings screen sidebar

Screenshot_2023-03-31_at_9.31.16_AM.png

10. Copy and paste the information displayed on the ovice setting screen to OneLogin

OneLogin Settings Screen Edited Content
Recipient Paste the "Reply URL" on the ovice settings screen
Login URL Paste the "Login URL" on the ovice settings screen
SAML not valid before Remove default value
SAML not valid on or after Remove default value
SAML initiator Set to Service Provider
SAML signature element Assertion


*Other items can be left at their default settings.
*There is no need to set the "Identifier" item that can be obtained on the ovice settings screen.

11. Click Save

12. Click Parameters in the sidebar

13. Repeat steps 14 to 18 twice and set the following two items as parameters

Field name Value
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname First Name
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress Email

 

14. Click the "+" button

15. Set the above string in Field name and click Include in SAML assertion

16. Click Save

17. Select the above character string in Value

18. Click Save

From step 19 onwards, add users to the created application.

19. Select Users in the Users tab

Screenshot 2023-08-21 at 10.39.56 AM.png

20. Select the appropriate user and click Applications

21. Select the "+" button on the upper right

Screenshot 2023-08-21 at 10.43.08 AM.png

22. Select the created Application from the dropdown and click the Continue button

 

[Optional] How to add SAML authentication to permission settings

By combining ovice public settings and access permission settings , it is possible to allow only users with SAML authentication to access the space.

1. Scroll down the SSO setting screen of ovice and check the created SAML authentication setting in Activate SSO authentication

2. Click Save

 

Log In Using OneLogin

Please try logging in below.
Log in with Space's unique SSO (SAML authentication, etc.)

 

If Log In Using OneLogin Fails

Please check the following:

 

Articles in this section