OneLogin SAML

Modified on Tue, Jul 29 at 10:25 AM

Overview
Instructions
- SAML Setup Steps
- Obtain Zitadel Details (Audience, Reccipeint, and ACS URL)
How To Login
Need Support?

Overview

This document covers the setup for OneLogin SAML and Zitadel for ConnectSecure login.

Instructions

SAML Setup Steps

Login to the Administrative dashboard
Click on the Applications heading and choose Applications

Tap on the ‘Add App’ button in the top right

Search for ‘saml test connector’ and select the SAML Test Connector (IDP) from the list

Add the Display Name and tap Save

Tap on the Configuration menu

You must enter the Audience, Recipient, and ACS URL fields, which you will obtain from Zitadel.

Obtain Zitadel Details (Audience, Reccipeint, and ACS URL)

You must be an Org Admin in Zitadel to access the Settings mentioned below

Tap on Settings > Identity Providers

Tap on the SAML SP tile

Add the Display Name
Add the metadata (you can get this from the OneLogin dashboard)
- Click on the App Name > tap on SSO > copy the Issuer URL and paste in the metadata URL
  - Choose Binding as SAML_BINDING_POST
  - Enable the signed request and click Create

Copy the metadata URL to the ZITADEL Metadata as an Audience URL
ZITADEL ACS Login Form as Recipient URL
ACS (Consumer) URL Validator* from [-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z] {2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)
ZITADEL ACS Intent API as an ACS (Consumer) URL*

https://auth0.com/docs/authenticate/protocols/saml/saml-sso-integrations/configure-auth0-saml-service-provider/configure-onelogin-as-saml-identity-provider

Tap on the Save in the top right once done.

Lastly, check in the Zitadel portal under Settings > Identity Providers that you have the OneLogin SAML SP set as available.

How To Login

After completing the OneLogin SAML setup, you can use the external auth to log in.

Log in to the ConnectSecure portal (https://portal.myconnectsecure.com)
Enter your Tenant Name
Click on the ‘Use External Authentication’ button

You will be automatically redirected to the credentials page, where you do not need to enter your username and password
Click "Login with an External User" to use your SAML credentials

If you are not logged into the OneLogin portal, you will be prompted to log in for authentication. Once authenticated, you will be automatically redirected to the ConnectSecure portal.