Configuring SAML in OneLogin
- Navigate to 'https://xxxx.onelogin.com/apps/new/159606' where `xxxx` is your company domain.
- Set the associated Display Name
- Click Save
- In the left sidebar, click on Configuration
- Paste 'https://xxxx.app.estateably.com' where `xxxx` is your company domain in the SAML Audience URL input field.
- Paste `https://xxxx.app.estateably.com/api/v1/auth/saml/login` where `xxxx` is your company domain in the SAML Customer URL input field.
- Click Save
- In the left sidebar, click on SSO
- Select SAML Signature Algorithm and change the option to SHA-256.
- Click Save
- In the Estateably application, go to your organization’s Settings page, then click on Single sign-on in the left sidebar. Fill the form…
-
- Select the Set up SSO with a Third-party Identity Provider
- Type OneLogin within the Provider Name
- In the Identity Provider field select box, choose OneLogin
- In the Identity Provider Single Sign-On URL (SAML 2.0 Endpoint) input field enter the URL found in the OneLogin page in the SAML 2.0 Endpoint (HTTP) of the SSO section.
- In the Identity Provider Issuer (Entity ID) input field enter the URL found in the OneLogin page in the Issuer URL box of the SSO section.
- In the Identity Provider Certificate, paste the text value of the certificate found in OneLogin within the SSO section and in the X.509 Certificate field. To view the certificate click View Details and copy the X.509 Certificate.
- Click on Save Changes at the top of the Estateably Settings page.
- Add any users and groups to this app in OneLogin as normal.
Configuring SCIM in OneLogin
- In your OneLogin, if you’ve already created an app for Estateably, click on Configuration in the left sidebar.
- Click Enable within the API Status Field.
- In the SCIM Base URL input field paste `https://xxxx.app.estateably.com/api/v1/scim' where `xxxx` is your company domain.
- In Estateably, within the Single Sign-On module, click in the API Key field. This will generate API required to be pasted into OneLogin.
- Click Save Changes
- In OneLogin, paste the API Key generated in Step 4 into the SCIM Bearer Token input field.
- Click Save Changes
- In the left sidebar, click on Provisioning.
- Select Enable Provisioning
- Select Create User, Delete User & Update User
- Select the policy you would like to implement for when users are deleted in OneLogin.
- Select Do Nothing when users are suspended in OneLogin.
- Click on Save at the top of the page.
Comments
Article is closed for comments.