Skip to main content
SSO: Setting up OneLogin

How to set up an SSO connection with OneLogin

Christian Dreyer avatar
Written by Christian Dreyer
Updated over a week ago

There are two parts to setting up OneLogin, which we'll cover step-by-step:


1. Prepare your OneLogin account

The first thing that you will need to do is create the SSO application in OneLogin. To do that, you will need to be an administrator in OneLogin. If you are an administrator, then please follow these instructions:

1. Log in to OneLogin and click on "Applications" on the menu bar at the top of the page and click on "Add App" in the top right corner.

2. Using the search bar, search for "SAML Custom Connector (Advanced)".

3. Type the environment name in the field "Display Name" field and click on the "Save" button that's located in the top-right-hand corner.


2. Input parameters across systems

To set up the OneLogin SSO connection, there are some values in Planhat you need to input to OneLogin and vice versa. Below we will walk through the required parameters:

1. Navigate to the "Configuration" section in the created application to set up two fields, "ACS (Consumer) URL Validator" and "ACS (Consumer) URL". Those fields need to be populated with data from Planhat and that information is located on the "Security" page.

On the "Security" page in Planhat, make sure the login method is set to "SAML 2.0 (custom)". Then, copy the URL that's shown in the second step and paste it into the OneLogin field "ACS (Consumer) URL". Once you have done that, copy the URL that's shown in the third step and paste it into the OneLogin field "ACS (Consumer) URL Validator".

Planhat:

OneLogin:

2. Navigate to the "SSO" page session in OneLogin, copy the certificate and paste it into the "Identity Provider's Public Signing Certificate *" field in Planhat.

OneLogin:

Planhat:

3. On the "SSO" page in OneLogin the "Issuer URL" needs to be copied and pasted into the field "Issuer || Audience URI || SP Entity ID *" field in Planhat. The "SAML 2.0 Endpoint (HTTP)" field also needs to be copied and then pasted into the "Entry Point || Reply URL || Assertion URL || SSO URL *" field in Planhat. Please make sure that you have pressed "Save" on both platforms.

OneLogin:

Planhat:

4. Now you need to give each user access to the OneLogin application that you created. The users should also exist in Planhat with the same email address. Once this has been set up, the users will be able to log in to Planhat using IdP and SP.

Did this answer your question?