OneLogin SAML setup

Enable your OneLogin users to access 1Password SaaS Manager with Single-Sign-On (SSO).

Add 1Password SaaS Manager to OneLogin

  1. Log in to OneLogin and go to the Administration site. Choose Applications and then click Add App.
  2. Search the catalog for Trelica and click on the entry shown. Trelica is the previous name for 1Password SaaS Manager.
  3. Change the display name to 1Password SaaS Manager.
  4. You can optionally enter some description text. We propose:

1Password SaaS Manager is a web-based collaborative platform for managing the overall lifecycle of enterprise SaaS applications and vendors.

When you have finished, click Save. The screen will refresh and you will see new tabs on the left-hand side.

Open the Configuration tab to continue.

Configuration tab

OneLogin needs an ACS (Consumer) URL from SaaS Manager. You can see this on the SAML Identity providers page in SaaS Manager.

  1. Open SaaS Manager in a new browser tab, as you will need to switch back to OneLogin shortly. Log in to your SaaS Manager site, and then go to Settings > Users > SAML providers.
  2. Click the copy icon next to the SAML Assertion Consumer Service (ACS) URL to copy it to the clipboard.
  3. Now go back to OneLogin, and in the Configuration tab,paste the ACS URL into the ACS (Consumer) URL. It should be something like https://app.trelica.com/Id/Saml2/xxx/Acs

Open the SSO tab to continue.

SSO tab

Set the SAML Signature Algorithm to SHA-256 and then click Save at the top right of the screen.

Next we need to configure SaaS Manager. This needs the Issuer URL value from the SSO tab in OneLogin. Click the copy icon next to the Issuer URL to copy it to the clipboard.

Configure SaaS Manager

  1. Return to the Users Settings page in SaaS Manager, expand the SAML providers section and click New. The New SAML Identity Provider dialog is displayed.
  2. In the Name field enter OneLogin and set the Metadata type to Metadata from URL.
  3. Paste the Issuer URL from OneLogin that you placed onto the clipboard into the Metadata URL field in SaaS Manager.
  4. Click Create.

Test the connection

You can assign users to an application using OneLogin roles, using the Access tab when configuring an SSO application. Alternatively you can assign an application to a single user by going to the Users menu, selecting a user, and choosing the Applications tab.

You can then add an application to a single user. We recommend this approach when testing your SaaS Manager SAML integration before rolling it out more widely to the users you wish to grant access to.

Once you've assigned a user to the application, they will see the 1Password SaaS Manager application in their portal. Clicking on the application should log them in to SaaS Manager.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.