OneLogin and One Identity Manager

It is time to add another installment of the OneLogin integrations with the Unified Identity Security Platform solutions. Today’s installment is a look at how to configure Single Sign-On from OneLogin to One Identity Manager. One of OneLogin’s core features is providing users with the ability to log in to thousands of applications using a single set of credentials, ideally requiring MFA to ensure a more secure login flow. Identity Manager is One Identity’s leading Identity and Governance Administration solution that enables organizations to govern and secure their data and users. Configuring logging in to Identity Manager’s web portal from OneLogin could not be simpler or more secure and will ensure a secure login process. (We really like to stick to that Simple and Secure Login flow.) 

OneLogin SSO to Identity Manager

Figure 1: SSO from OneLogin to One Identity Manager 

Integration Basics 

Once this integration is configured, then the login flow will work in one of two ways: 

Identity Provider (IdP) Initiated 

  1. A user logs into OneLogin and clicks on a One Identity Manager app tile in the OneLogin User Portal. 
  2. OneLogin forwards information about the user to Identity Manager. 
  3. Because Identity Manager is configured to trust authentication requests from OneLogin AND the user matches to an existing user in Identity Manager, the user is granted access. 
  4. A new tab pops up and the user is logged into the Identity Manager Web Portal. 

Service Provider (SP) Initiated 

  1. A user goes to their Identity Manager Web Portal. 
  2. Identity Manager sends an authentication request to OneLogin. 
  3. If the user is not already logged in to OneLogin they will be prompted to do so. 
  4. OneLogin sends an acknowledgement back to One Identity Manager that the user has logged in successfully along with identifying information of the user. 

How to Configure the Login to One Identity Manager 

All you need to get started is a OneLogin account and an installation of Identity Manager, then there are three major steps: 

  1. Add the One Identity Manager app connector to your OneLogin account 
  2. Add OneLogin as an Identity Provider (IdP) in Identity Manager 
  3. Assign the new app to your users in OneLogin 

Add the One Identity Manager app connector to your OneLogin account 

The process to add Identity Manager takes just a few seconds.  

  1. From the OneLogin Administration UI go to Applications > Applications. 
  2. Click on Add App. 
  3. Type “One Identity” in the Search box. 
  4. Select the One Identity Manager app connector. 
  5. Change the name if you wish and click Save. 
  6. Click on the Configuration tab.  
  7. Fill in the Login Url field and the Redirect URLs field with the URI of the Identity Manager web portal for your environment. The only trick is you need to add an additional URI to the Redirect URLs that has /page.axd at the end. 
  8. Click Save. 

Now, all you need to do is keep the SSO tab open because you are going to need to copy a few values from this tab into the Identity Manager configuration pages. 

Add OneLogin as an Identity Provider (IdP) in Identity Manager 

On the Identity Manager side, you will need to make sure that it is enabled for OAuth 2.0/OpenID Connect (role-based) Authentication Module is enabled. 

Identity Manager Designer

Figure 2: Identity Manager Designer 

Assign the new app to your users in OneLogin 

If the user’s email address in OneLogin matches the email address they have specified in One Identity Manager and the One Identity Manager App connector in OneLogin has been assigned to the user, either directly or through a OneLogin role, the users will be able to easily log in to the One Identity Web Portal.  

OneLogin User Applications

Figure 3: OneLogin User Record Application Tab 

You can find more detailed instructions here. 

This is a simple and valuable Single Sign-On integration. We have several exciting integrations that are just on the horizon. Stay tuned for more as we continue to deliver you a Unified Identity Security Platform. 

About the Author

Alicia Townsend

For almost 40 years, Alicia Townsend has been working with technology as both a consultant and a trainer. She has a passion for empowering others to use technology to make their lives easier. As Director of Content and Documentation at OneLogin, Ms. Townsend works with technical writers, trainers and content marketing writers to inspire and empower everyone to take advantage of what OneLogin’s platform has to offer them.

Related Articles