Designing OneClick: How setting up SAML is like shipping packages in a foreign country

March 7th, 2016   |     |  product & technology

Setting up SAML for an app in OneLogin can be scary for first-timers. “SAML endpoint, X.509 Certificate, Issuer URL metadata?” The unfamiliar jargon begins to give you a headache.

To simplify this painful experience, we created OneClick, a simple step-by-step interface that guides you through setting up SAML for an app.

Designing OneClick

In the early stages of designing OneClick, I looked at the existing UI for configuring SAML for apps in OneLogin. Since the technical jargon felt like a foreign language to me, I was reminded of a confusing experience I had at a Spanish Post Office, or Los Correos.

The SSO tab of Google Apps configuration

The person at the post office’s info desk doesn’t speak a word of English. She glanced at me through her reading glasses and handed me what seemed to be a shipping label. A little form printed with bright yellow and blue; tiny font sizes written in Spanish. The length of each form field didn’t give me much clue to what it might mean. Many fields were labeled with indecipherable one-letter abbreviations.

That little form was a big struggle to fill out. I could look up every word in the dictionary, but translating the abbreviations was a guessing game. It took 10 minutes to finish the form, but another 10 waiting for my number to be called.

The clerk quickly grew impatient with me as he exchanged growls and exaggerated gestures with my broken Spanish, until we finally got my package shipped.

My experience shipping a package in a foreign country’s post office was confusing for the same reasons as why configuring SAML can be a drag— difference in language, information design, handling errors, and attitude.

Los Correos shipping label

Welcome to the modern age of services

We wanted OneClick to be more like using a ride share service like Uber. Providing payment and turn-by-turn directions to the driver are exchanges that are automated in this new age of transportation. In a similar fashion, OneClick automates the certificate exchange, SAML configuration, federation, and de-federation, of your account into the app.

Each step of OneClick is paired with a brief, concise instruction written in friendly language with next steps. The system progress is displayed clearly with each step in the automation, giving administrators peace of mind and a sense of control.


Graceful error handling and a forgiving attitude

OneClick offers clarity and grace, especially in the way it handles errors. It tells administrators what went wrong and lets them decide either to fix it or, in the worst-case scenario, to revert the automated tasks. For those administering OneLogin, we hope this will save you time that would previously be spent testing and digging around.

Why does it matter?

We are dedicated to optimizing the product experience with features like OneClick. We know that it’s all too easy to de-value a good user experience in business applications away because:

  • It takes a lot of effort to get right. Some believe it’s impossible to have the ideal information architecture or design because there are extreme differences in how users use an app and which features they use. It is impossible to find a “golden thread”.
  • The ROI is difficult to measure. User satisfaction is abstract, in contrast to revenue.
  • The decision makers care little about the usability.

These attitudes are changing, if they haven’t already. Slack and numerous other success stories prove that good UX can generate business values, especially for enterprise applications.

What’s in it for you?

If you are building apps for the enterprise market, be prepared for your customers to demand integrations with all sorts of services. Maintaining a catalog of integrations when they vary in so many aspects can get messy very soon. Believe us, we’ve been there!

If your customers are using OneLogin, it’s your lucky day. Our OneClick API allows your app to be plugged into an SSO service with just a few lines of code. Your customers will be able to enable SAML for your app in a snap, without the headaches…and they will love you for it!

Our ultimate goal is to streamline the process of configuring all of OneLogin, not just a part of it. OneClick is just the start. The OneClick API is now available at the OneLogin Developers site. Give it a try and send us your feedback!

About the Author

Penfan Sun is the Director of User Experience at OneLogin where she is leading the product design and user research. She has 10+ -year long track record of creating designs that changed or created new product directions for companies like Salesforce, OnAir Player and SAP.

 She is specialized in crafting design strategies and tangible deliverables that result in seamless end-to-end product experience for desktop, web, mobile, to touch-screen devices. She holds a Master of Interaction Design from Carnegie Mellon University.

View all posts by Penfan Sun

Secure All Your Apps, Users, and Devices