1. Home
  2. Platform Administration
  3. SSO
  4. Configure SSO for OneLogin

Configure SSO for OneLogin

To access PathFactory’s Single Sign On configuration, you must:

  • Be an admin user in PathFactory
  • Contact your CSM or Support to request this feature

Check out the SSO FAQ for more information.


Step 1: Copy Values from PathFactory

  1. In PathFactory, click your username and select Organization Settings.
    imageOrganization Settings menu
  2. Under the Single Sign On tab, select OneLogin as the configuration type.
    imageConfiguration dropdown list example
  3. Copy the Audience URL and the Recipient, ACS (Consumer) URL values from the Pathfactory Service Provider Settings.
    imageSingle Sign On tab

Step 2: Configure in OneLogin

  1. Create an App from the OneLogin administrator dashboard using the SAML Test Connector (IdP w/attr) template.
    Note
    You can find steps do so from the OneLogin Knowledge Base.
  2. Name the app PathFactory, and click Save.
  3. In the Application Configuration > Configuration Tab:
    • Paste the Audience URL from Pathfactory into the Audience field.
    • Paste the Recipient, ACS (Consumer) URL from Pathfactory into the following 3 fields: Recipient, ACS (Consumer) URL Validator, and ACS (Consumer) URL.
      imageOneLogin Setup tab
  4. In the Parameters Tab, insure that Email is used as the SAML Name ID parameter.
  5. In the SSO tab, download the SAML Metadata xml file from the More Actions drop down.
    Note
    If you are unable to download the xml file, you can copy the x.509 certificate and SAML 2.0 Endpoint (HTTP) values and manually paste them in PathFactory.

    image

    SSO tab details


Step 3: Enable in PathFactory

  1. In PathFactory, return to the Single Sign On tab under Organization Settings.
  2. Click Upload File and select the SAML Metadata xml file you downloaded from OneLogin.
    Note
    If you copied the x.509 certificate and SAML 2.0 Endpoint (HTTP) you will have to manually paste those values in the SAML 2.0 Endpoint (HTTP) and certificate fields.

    image

    Upload File button

  3. Click Save to enable Single Sign On in Pathfactory.

Step 4: Adjust Mixed Mode Login Settings

Mixed Mode Login allows selected users the option to login using either SSO or their username and password.

Mixed Mode Login will automatically be enabled for all PathFactory Admin users once you’ve set up SSO, but you may want to disable this ability for some admin users, or enable it for non-admin users.

Updated on April 13, 2023

Was this article helpful?

Need Support?
Can't find the answer you're looking for? Don't worry we're here to help!
CONTACT SUPPORT