OneLogin SAML SSO Configuration
- Create developers OneLogin Account.
- After the registration go to Applications page and push Add App button.
- In the search field print "SAML" and select SAML Test Connector (Advanced).
- Save application.
- Navigate to SSO tab. There are three URLs and certificate on this page. We need two of this URLs (Issuer URL and SAML 2.0 Endpoint (HTTP)) and certificate.
-
Open Rubex on another tab (or browser) and navigate to SAML configuration (Admin -> Settings -> Single Sign-On Settings).
-
Create new SAML configuration.
-
Fill Issuer field with value from OneLogin Issuer URL, Saml Endpoint with value from SAML 2.0 Endpoint (HTTP), Entity ID with any url. Aslo specify SAML Attribute Name for Groups (attribute where all user groups will be listed, usually Group) and upload OneLogin certificate downloaded on step 5
-
Save configuration and open it again. Save Login URL from the bottom of this page.
-
Back to OneLogin. Navigate to Configuration tab.
-
Fill Audience (EntityID) with the same URL like in Entity ID Rubex SAML Configuration, Recipient, ACS (Consumer) URL and Login URL with Login URL from Rubex SAML Configuration. Save configuration.
-
Navigate to Parameters tab and add Group attribute (Do not forget to select Include in SAML Assertion)
.
Push Save button. On the next window select default value for this attribute (It can be any user attribute (default or custom)) and save it again. -
Save all configuration again.