How to set up Single Sign-On with OneLogin
Step-by-step guide on how to set up Single sign-on integration with OneLogin
Targetprocess supports most of the SAML 2.0 compatible providers including Okta, OneLogin, Bitium and ADFS 2.0.
Integrating with OneLogin involves the following four steps:
Detailed steps are provided below.
Log in to your OneLogin Admin account, select 'Apps' and then choose ‘Add apps’ in dropdown menu. Use "OneLogin SAML Test (IdP)" application
Set application name, e.g. “Targetprocess” and click “Save” to proceed to profile settings
Now you need to log in as administrator to your Targetprocess account and get out your “Single sign on URL” for OneLogin. In Targetprocess its called “Assertion Consumer URL” and can be found at Settings > Authentication and Security > Single Sign-On.
Copy the URL. e.g. “https://your_account.tpondemand.com/api/sso/saml2” and paste into ““ SAML Consumer URL” in OneLogin.
Select “Email” on “Parameters” tab as shown below.
Now select “SSO” tab in OneLogin.
On the ‘SSO’ tab of your application in OneLogin copy "SAML 2.0 Endpoint (HTTP)" and paste it into “Sign-on URL” field in Targetprocess SSO settings.
Note: You need to create certificates in OneLogin before using them, please find additional details in OneLogin "Multiple SAML certificates" guide
Next you can enable JIT PRovisioning, disable native Targetprocess login form and some users to SSO exceptions list if needed. More information about these settings can be found in “Single Sign-On in Targetprocess” guide.
Targetprocess settings overview:
After completing the configurations in Targetprocess you need to ensure that users are assigned to Targetprocess application. OneLogin provide various ways to assign users, for testing purposes we can assign a single user under "USers" > "All Users" > [click on user name] > "Applications tab". Click on '+' sign to assign your testing user to Targetprocess application.
Additional information about assigning users to applications in OneLogin can be found in "Assigning Apps to Users"
Error 404 Not found - this means incorrect URL either in Targetprocess SSO settings or in OneLogin application settings. Please double-check your settings in OneLogin and Targetprocess to make sure URLs are valid
Other problems are less common and we'd recommend you to check your OneLogin events log to find out more details or look into Targetprocess System log