OneLogin as a SAML Provider

We have recently released a new feature that also enables OneLogin to be a SAML Service Provider. Most of our customers are used to viewing OneLogin as a SAML Identity Provider where OneLogin authenticates the user and then signs them into other applications using SAML.

For those whose SAML skills are a little rusty, here is an ultra quick refresher. In SAML land there are two parties; the identity provider and the service provider. The identity provider establishes the identity of the user and then signs them into an application, which is also called the service provider.

OneLogin as an Identity Provider

The SAML Service Provider feature has already been a tremendous help to several of our customers who use it to integrate with an on-premise identity provider. One customer uses the feature to allow AD-FS to sign users into OneLogin where the user can manually launch from OneLogin. Another customer is using the SAML Service Provider interface to chain SAML responses between identity providers.

OneLogin as a Service Provider

In this use case, the customer has moved half of their users from the on-premise identity provider to OneLogin, which now manages the single sign-on for all Salesforce users.

If you want to learn more, download the whitepaper about the SAML Service Provider interface or reach out to us at

About the Author

Christian Pedersen

Christian Pedersen, Founder and CTO of OneLogin, is responsible for ensuring that OneLogin integrates securely with cloud applications and enterprise networks. Having spent most of his career with complex enterprise software integration, he has a deep understanding of what it takes to glue together disparate technologies in a seamless way.

Related Articles