Improve this page on GitHub

OneLogin SSO via SAML

Setting Up OneLogin via SAML

Set up SSO for OneLogin using SAML in Codefresh. For a general overview on SAML, see Setting up SAML2 Federated SSO.

NOTE
If you do not see SAML in the SSO list, please create a support ticket to enable SAML for your account.

Setting up SAML SSO for OneLogin includes:

  1. Adding the Codefresh application in OneLogin
  2. Configuring SSO settings for OneLogin via SAML in Codefresh
  3. Configuring SSO settings for Codefresh in OneLogin

Step 1: Add Codefresh application in OneLogin

  1. From the OneLogin toolbar, Applications section,and then select Add App on the top right.
  2. Search for SAML Custom Connector (advanced) and select it.
  3. Add a Display Name. Leave the other settings which are optional.
  4. Click Save.
  5. From the sidebar, select SSO and keep the tab open.
  6. Continue with Step 2: Configure SSO settings for OneLogin via SAML in Codefresh.

Step 2: Configure SSO settings for OneLogin via SAML in Codefresh

  1. In the Codefresh UI, from the toolbar click the Settings icon.
  2. In the sidebar, from Access & Collaboration, select Single Sign-On.
  3. Click Add single-sign-on, select SAML, and then click Next.
  4. Enter the connection details:
    • Display Name: Any arbitrary name for this integration.
    • IDP Entry: SAML 2.0 Endpoint (HTTP) from the SSO section in OneLogin.
    • Application Certificate: X.509 Certificate from the SSO section in OneLogin.
      Do the following:
      • Click and open View Details, preferably in a new tab.
      • Under X.509 Certificate, click Copy.
      • Paste the content into the Application Certificate.
      • Remove the lines, -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.
    • Provider: Leave empty.
  5. Click Add. The SAML integration for OneLogin is added and appears in the list of SSOs.
  6. In the Single Sign-On page, click the Edit icon for the OneLogin SAML integration you created.
  7. Copy the Assertion URL (client ID) that was automatically generated when you added the integration.
  8. Continue with Step 3: Configure SSO settings for Codefresh in OneLogin.

Step 3: Configure SSO settings for Codefresh in OneLogin

  1. Return to OneLogin, and from the sidebar, select Configuration.
  2. Enter the following:
    • Audience (EntityID): g.codefresh.io.
    • Recipient: The Assertion URL you copied in the previous step.
    • ACS (Consumer) URL Validator: The Assertion URL in Regex format. For more info on this, view OneLogin’s Setup Page.
    • ACS (Consumer) URL: The Assertion URL.
    • Login URL: https://g.codefresh.io/login
    • SAML Initiator: Service Provider.
    • Click Save.
  3. In OneLogin, go to the Users page, and do the following:
    • Select the User.
    • Go to Applications, and click +.
    • Select the SAML App with the Display Name you entered in Codefresh.
    • Click Continue.
    • Make sure the NameID is set to the email address.
    • Click Save.

You have completed SSO integration for OneLogin via SAML.

Test SSO Connection

Now test the SSO with a test user in a different browser or private/incognito browser to make sure the integration works as it should.

  1. In the Codefresh UI, on the toolbar, click the Settings icon and then select Account Settings.
  2. From the sidebar, below Access & Collaboration, select Users & Teams.
  3. Locate a test user, and from the SSO list, select the integration name to enable SSO for that user.
  4. In a different browser or private/incognito browser window use the Corporate option to log in.

Federated Single Sign-On (SSO) overview
Setting up SAML2 Federated SSO
Common configuration for SSO providers