How to enable OneLogin for SSO

Have more questions? Submit a request
πŸ€“ Who can do this? You will need to be an admin user within Atlan to configure SSO. You will also need to work with your OneLogin administrator to carry out the tasks below in OneLogin.

To integrate OneLogin SSO for Atlan, complete the following steps.

Choose SSO provider (in Atlan)

To choose OneLogin as your SSO provider, within Atlan:

  1. From the left menu on any screen, navigate to Admin.
  2. Under the Workspace heading, click SSO.
  3. Under Choose SAML provider, select OneLogin and then click Configure.
  4. Under Service provider metadata, copy the Audience (EntityID), Recipient, ACS (Consumer) URL Validator, and ACS (Consumer) URL.

Set up SAML application (in OneLogin)

To set up a SAML application, within OneLogin admin console:

  1. From the menu along the top, navigate to Applications and then click on Applications.
  2. In the upper right, click the Add App button.
  3. In the search box, enter saml custom and then click SAML Custom Connector (Advanced).
  4. Under Display Name enter a name for your app, such as Atlan and then click the Save button.
  5. Change to the Configuration tab and under Application details enter your Atlan SAML settings:
    1. For Audience (EntityID) enter the value you copied from Atlan above.
    2. For Recipient enter the value you copied from Atlan above.
    3. For ACS (Consumer) URL Validator enter the value you copied from Atlan above.
    4. For ACS (Consumer) URL enter the value you copied from Atlan above.
    5. For Login URL enter the same value used for the fields above.
  6. Change to the SSO tab and change the following:
    1. For SAML Signature Algorithm set SHA-512.
    2. Under Login Hint ensure Enable login hint is checked.
  7. Change to the Parameters tab and use the circular + icon to add mappings for the following:
    1. email β€”> Email
    2. firstName β€”> First Name
    3. lastName β€”> Last Name
  8. In the upper right, click the Save button.

Download OneLogin's metadata file (in OneLogin)

To download the metadata file for the application, within OneLogin:

  • From the application page, in the upper right navigate to More Actions and click SAML Metadata.

Upload OneLogin's metadata file (in Atlan)

To complete the configuration of OneLogin SSO, within Atlan:

  1. From the left menu on any screen, navigate to Admin.
  2. Under the Workspace heading, click SSO.
  3. Under Choose SAML provider, select OneLogin and then click Configure.
  4. To the right of Identity provider metadata click the Import from XML button.
  5. Select the onelogin_metadata_1234567.xml file downloaded from OneLogin above.
  6. At the bottom of the screen, click Save.

Congratulations β€” you have successfully set up OneLogin SSO in Atlan! πŸŽ‰

πŸ’ͺ Did you know? By default, users can now log into Atlan with either OneLogin SSO or a local Atlan account (via email). To only allow logins via SSO, enable the Enforce SSO option in Atlan. Once SSO is enforced, we recommend inviting users only through the SSO provider and not directly from Atlan.

Related articles

Was this article helpful?
1 out of 1 found this helpful