Configuring OneLogin as Identity Provider

Configuring OneLogin as Identity Provider

Role Required: SDAdmin

  1. Log in your OneLogin domain and click Applications under the Applications tab.

  1. In the displayed page, click Add App.

  1. Search for SAML from the search box and select SAML Test Connector (Advanced) from the search results.

  1. Provide a Name and upload a Logo for your application.

  1. Click Save.
  2. Go to the Configurations tab and enter the details as given below.
Field Name
Description
ACS (Consumer) URL Validator
Assertion Consumer URL in AssetExplorer
ACS (Consumer) URL
Assertion Consumer URL in AssetExplorer
Single Logout URL
Single Logout Service URL in AssetExplorer
Audience (Entity ID)
Entity ID in AssetExplorer
 

  1. Select the required SAML nameID format from the drop-down. AssetExplorer supports the following formats:
    1. Email: Choose this if you want to login using the email address configured in AssetExplorer.
    2. Transient/Persistent: Choose this format if you want to login using the login name configured in AssetExplorer.
    3. Unspecified: Choose this if you want to login using the User Principal Name of your Active Directory account imported into AssetExplorer.
  2. Click Save.
  3. Open the Parameters tab.
  4. Click NameID value. In the displayed drop-down, choose the required value for the NameID format selected in the previous screen using the following pointers:
    1. For email format, select Email as the value.
    2. For Persistent/Transient formats, select an option that returns the value in the format <DOMAIN\username>.
    3. Alternatively, select Macro to configure a custom option to achieve the same. The syntax can be found here.
    4. For Unspecified format, select userPrincipalName as the value.

  1. Under the SSO tab, you will find the IdP details to be entered in the AssetExplorer application.
  2. Enter the details as given below.
AssetExplorer Attribute
OneLogin Attribute
Login URL
SAML 2.0 Endpoint
Logout URL
SLO Endpoint
 

  1. To download the certificate, click the View Details option under X.509 Certificate.
  2. Choose the certificate format as X.509 PEM/X.509 DER and click Download.

  1. You can assign the application to various users under the Users tab.


You have now configured AssetExplorer as a service provider in OneLogin.

Go to the SAML configuration page in AssetExplorer and provide the IdP details to complete the integration.

    • Related Articles

    • Configuring G Suite as the Identity Provider

      Role Required: SDAdmin Log in to Google Workspace. Go to Apps > Web and mobile apps. Click Add app > Add custom SAML app. Provide the App name and Description. Upload the App icon and click Continue. On the displayed page, download the certificate ...

    • Configuring ADFS 3.0 as the Identity Provider

      Role Required: SDAdmin Before you start the configuration process, make sure that the AssetExplorer application is running in the HTTPS mode. Then, configure AssetExplorer as a Relying Party Trust (RPT). This can be done either manually or using the ...

    • Configuring Okta as the Identity Provider

      Role Required: SDAdmin Log in to your Okta domain. Go to the Applications > Add Application. Click Create New App. From the displayed dialog box, choose SAML 2.0 as the sign-on method. Click Create. In the next window, provide a Name for your ...

    • Configuring SAML in AssetExplorer

      Role Required: SDAdmin Go to Admin > Organizational Details > SAML Single Sign-On. In the configurations tab, you will find two sections: Service Provider Details and Configure Identity Provider Details. Service Provider Details Under the Service ...

    • Configure Azure as the Identity Provider

      Role Required: SDAdmin Follow the steps below to configure AssetExplorer as a service provider in Azure. Before configuring, ensure that the AssetExplorer runs in HTTPS mode. Log in to your Azure domain. Under Azure Services, click Enterprise ...