Documentation

OneLogin directory

Suggest Edits

Overview

OneLogin is a cloud-based identity and access management (IAM) provider that develops a unified access management (UAM) platform for businesses and organizations. OneLogin allows users to access and manage applications and additional resources by logging in once to a single interface.

Entitle populates the following resource types in the OneLogin directory connection:

  • Groups
  • Users
  • Managers (optional)

This page will provide you with instructions on how to connect Entitle and OneLogin as a directory.

General guidelines

Note: In case you have already integrated the OneLogin application with Entitle using this guide, the steps on this page are identical.

To integrate your OneLogin with Entitle, you will need to extract two fields:

  • API Credentials:
    • "client_id"
    • "client_secret"

Set up OneLogin to work with Entitle

Extract API credentials

This stage will show you how to extract two of the required fields for the integration: "Client ID" and "Client Secret".

  1. On the home page, click Administration in the top right corner.
  1. Under the Developers tab, in the drop-down menu, click API Credentials.
  1. Once opened, click the New Credential button.
  1. You will now need to create a new API credential. In the Name field, choose a name for your credential. Then, choose the last option available - Manage all (this permission is needed for some API calls that need high privileges such as removing roles of users and admins), and click the Save button.
  1. The new screen that opens will provide you with the two additional fields ("Client ID" and "Client Secret") which you will need to configure OneLogin with Entitle. Copy and save them for the configuration later on, and click Done.

Connecting your IdP in Entitle

All that is left to do is connect your IDP to the Entitle application.

  1. Log into Entitle and navigate to the Org Settings page.
  2. Under the Connect To section, navigate to the OneLogin option, and click Connect.
  1. In the pop-up window Configure OneLogin, fill in the required details:
    • Display Name of your choice.
    • Client ID and Client Secret - from the previous stage.
    • Region - choose the region you are based in the world (for example, USA).
    • In case you wish to add managers’ approval as a part of the approval process of Access Requests or to select managers as the User Access Review reviewers:
      • In the Manager Field Name, add the attribute that refers to the manager's email address.
      • Check the Use as direct manager source checkbox.
    • Finally, don’t forget to set the Save on field with your configuration, i.e. your own hosted agent or Entitle’s cloud. Click Save.

Test your IdP connection

  1. After being redirected to the Org Settings page, you should be able to see that the OneLogin Directory is now Connected.

  2. Within a few minutes, refresh your browser page and go to the Workflows tab. Then, click on New Workflow. You should now be able to see all the groups are fetched, and you are done! 🎉.

Updated about 1 month ago