OneLogin Integration

The below steps are performed at the IdP end. The navigation and screenshots might differ based on the version of the IdP.

The following are the steps to configure AppViewX SAML attributes in OneLogin.

  1. Create a new application.
  2. Click Add application and search for SAML Test Connector.
  3. Provide the application name and application details of AppViewX on the information page.
  4. AppViewX SAML attributes:On the Configuration tab, provide the ACS consumer URL, single login URL, and single logout URL. This can be fetched by navigating to AppViewX > Settings > General > Authentication > SAML > Enable SSO > Service URL from the configuration found at the end of the page and specify the remaining settings to default.
  5. Parameters to be sent to AppViewX: The following parameters are samples that have been sent to AppViewX.
  6. Create a parameter called FirstName which sends the user’s first name to AppViewX in the SAML Assertion.
    Include the flag in SAML Assertion for all the added parameters.
  7. Sending User Groups to AppViewX: To send User Groups to AppViewX from OneLogin via SAML Assertion, perform the following configuration:
    1. Integrate OneLogin with Active Directory.
    2. Set the field name as Roles.
    3. Enable the Flags for SAML assertion along with the multi-value parameter.
  8. To utilize the user's MemberOf attribute as a role, enter the field name as MemberOf and select the AD/LDAP CN Extraction. OneLogin without AD integration: Pass the roles field with user roles as value.
  9. The following parameters have to be passed to AppViewX through the SAML assertion.
  10. Assign application to User and Role.
    1. Download the federation metadata and click Save.
    2. Create the UserGroup within the roles in the administration section.
    3. Assign the created application to the user group.
    4. Sync users will subsequently be added to this user group.