OneLogin SAML setup

Enable your OneLogin users to access 1Password SaaS Manager with Single-Sign-On (SSO).

Add 1Password SaaS Manager to OneLogin

1. Log in to OneLogin and go to the Administration site. Select Applications > Add App.
2. Search the catalog for Trelica and select on the entry shown.
3. Change the display name to 1Password SaaS Manager.
4. Upload the SaaS Manager logo to the corresponding icon fields.
5. Optionally enter description text. For example:

1Password SaaS Manager is a web-based collaborative platform for managing the overall lifecycle of enterprise SaaS applications and vendors.

When you have finished, select Save. The screen will refresh and you will see new tabs on the left-hand side.

Open the Configuration tab to continue.

Configuration tab

OneLogin needs an ACS (Consumer) URL from SaaS Manager. You can see this on the SAML Identity providers page in SaaS Manager.

Open SaaS Manager in a new browser tab, as you will need to switch back to OneLogin

1. Log in to your SaaS Manager site, then go to Settings > Users > SAML providers.
2. Select the copy icon next to the SAML Assertion Consumer Service (ACS) URL to copy it to the clipboard.
3. Now go back to OneLogin and, in the Configuration tab, paste the ACS URL into the ACS (Consumer) URL. It should be something like https://app.trelica.com/Id/Saml2/xxx/Acs.

Open the SSO tab to continue.

SSO tab

Set the SAML Signature Algorithm to SHA-256 and then select Save at the top right of the screen.

Select the copy icon next to the Issuer URL to copy it to the clipboard. You will need this in the next step when we configure SaaS Manager. 

Configure SaaS Manager

In SaaS Manager:

1. Return to the Users Settings page, then expand the SAML providers section and select New. The New SAML Identity Provider dialog is displayed.
2. In the Name field, enter "OneLogin" and set the Metadata type to Metadata from URL.
3. In the Metadata URL field, paste the Issuer URL you copied from OneLogin.
4. Select Create.

Test the connection

When configuring an SSO application, you can assign users to an application from the Access tab in SaaS Manager using OneLogin roles. 

Alternatively, you can assign an application to a single user by going to the Users menu, selecting a user, and then selecting the Applications tab. We recommend this approach when testing your SaaS Manager SAML integration before rolling it out more widely to the users you want to grant access to.

Once you've assigned a user to the application, they will see the SaaS Manager application in their portal. Selecting the application should log them in to SaaS Manager.