How to set up Single Sign-On with OneLogin | Targetprocess - Visual management software

How to set up Single Sign-On with OneLogin

Step-by-step guide on how to set up Single sign-on integration with OneLogin

Targetprocess supports most of the SAML 2.0 compatible providers including Okta, OneLogin, Bitium and ADFS 2.0.

Integrating with OneLogin involves the following four steps: 

  1. Adding Targetprocess as an application in OneLogin
  2. Configuring OneLogin details in Targetprocess
  3. Assigning Targetprocess Application to Users in OneLogin
  4. Testing SSO in Targetprocess

Detailed steps are provided below.

1. Adding Targetprocess as an application in OneLogin

  • Log in to your OneLogin Admin account, select 'Apps' and then choose ‘Add apps’ in dropdown menu. Use "OneLogin SAML Test (SP)" application1. Adding Targetprocess as an application in OneLogin

  • Set application name, e.g. “Targetprocess” and click “Save” to proceed to profile settings

How to set up Single Sign-On with OneLogin. Image 2

  • Now you need to log in as administrator to your Targetprocess account and get out your “Single sign on URL” for OneLogin. In Targetprocess its called “Assertion Consumer URL” and can be found at Settings > Authentication and Security > Single Sign-On.

How to set up Single Sign-On with OneLogin. Image 3

  • Copy the URL. e.g. “https://your_account.tpondemand.com/api/sso/saml2” and paste into ““ Login URL” in OneLogin.

  • Paste same value into “SAML Consumer URL”

How to set up Single Sign-On with OneLogin. Image 4

  • Select “Email” on “Parameters” tab as shown below.

How to set up Single Sign-On with OneLogin. Image 5

 Now select “SSO” tab in OneLogin.

2. Configuring OneLogin details in Targetprocess

On the ‘SSO’ tab of your application in OneLogin copy "SAML 2.0 Endpoint (HTTP)" and paste it into “Sign-on URL” field in Targetprocess SSO settings.

  • Click on 'View details' under X.509 certificate, copy certificate and paste in Targetprocess into “Certificate” field

2. Configuring OneLogin details in Targetprocess

How to set up Single Sign-On with OneLogin. Image 7

Note: You need to create certificates in OneLogin before using them, please find additional details in OneLogin "Multiple SAML certificates" guide

  • Next you can enable JIT PRovisioning, disable native Targetprocess login form and some users to SSO exceptions list if needed. More information about these settings can be found in “Single Sign-On in Targetprocess” guide.

Targetprocess settings overview:

How to set up Single Sign-On with OneLogin. Image 8

3. Assigning Targetprocess Application to Users in OneLogin

  • After completing the configurations in Targetprocess you need to ensure that users are assigned to Targetprocess application. OneLogin provide various ways to assign users, for testing purposes we can assign a single user under "USers" > "All Users" > [click on user name] > "Applications tab". Click on '+' sign to assign your testing user to Targetprocess application.

    Additional information about assigning users to applications in OneLogin can be found in "Assigning Apps to Users"

3. Assigning Targetprocess Application to Users in OneLogin

4. Testing SSO in Targetprocess

  • Logout from Targetprocess (click on avatar picture and choose “Logout”)
  • Open your Targetprocess URL in browser - https://YOUR_ACCOUNT.tpondemand.com/. Now two scenarios are possible:
    • if you have disabled Targetprocess login form - browser will redirect you to OneLogin login page and then to Targetprocess UI
    • if you have mixed mode enabled - you’ll have to to click “Log in using Single sign-on” on Targetprocess login page.

4. Testing SSO in Targetprocess

Troubleshooting.

There are following common problems with SSO:

  • Error 404 Not found - this means incorrect URL either in Targetprocess SSO settings or in OneLogin application settings. Please double-check your settings in OneLogin and Targetprocess to make sure URLs are valid

  • You’re getting “Sorry, you can't access Targetprocess because you are not assigned this app in OneLogin” error. To resolve this problem make sure that your user is assigned to Targetprocess application on step 3 and you’re using correct account to login to Targetprocess.

 Other problems are less common and we'd recommend you to check your OneLogin events log to find out more details or look into Targetprocess System log

There are following common problems with SSO:

Still have a question?

We're here to help! Just contact our friendly support team

Find out more about our APIs, Plugins, Mashups and custom extensions. Join our community of passionate users and even discuss directly with our developers.