SSO Configuration - OneLogin
This guide will walk you through integrating Single Sign-On (SSO) with OneLogin to allow your users to access InfoSum using their OneLogin credentials. With this setup, user authentication will be securely managed by OneLogin, simplifying your access management process. This article is intended to be read with the core SSO integration article Single Sign-On (SSO) Integration Overview. If you haven’t already done so please read through the main article first, then proceed with this guide.
To complete the integration, you will:
- Register your application in OneLogin.
- Configure authentication settings for your app.
- Retrieve key credentials (Client ID, Client Secret, and OIDC Discovery URI).
At the end of this guide, you’ll also find troubleshooting tips to address common integration challenges.
Note: Ensure you have administrative access to your OneLogin environment before proceeding. For additional details on app registration, refer to OneLogin’s official documentation.
- OneLogin OIDC Application Setup Guide
- Introduction to App Management
- Manually Assigning Apps to Users
Step-by-Step Guide
Step 1: Register a New OIDC Application in OneLogin
-
Log in to the OneLogin Admin Console:
- Sign in with your admin credentials at OneLogin Admin Portal
-
Add a New App:
- Navigate to Applications > Applications, then click Add App.
- Search for “OpenID Connect (OIDC)” and select the OpenID Connect (OIDC) template.
- Be sure to give it a recognizable name, e.g., “InfoSum” and click Save to create the app.
Step 2: Configure the OIDC Application
-
Go to the “Configuration” tab of your registered app and enter the following “Application details”:
-
Login Url: Enter the Login Url provided by InfoSum:
- Format: https://accounts.infosum.com/login/{customername-IDPType}
- Example: https://accounts.infosum.com/login/infosum-onelogin
-
Redirect URI: Enter the Redirect URI provided by InfoSum:
- Format: https://accounts.infosum.com/authorization-code/callback/{customername-IDPType}
- Example: https://accounts.infosum.com/authorization-code/callback/infosum-onelogin
- Application Type: Set to Web.
- Token Endpoint: Set to POST.
-
Login Url: Enter the Login Url provided by InfoSum:
- Save the Configuration
Step 3: Retrieve the Required Credentials
-
Go to the SSO tab of your app and copy the following credentials:
- Client ID
- Client Secret
-
OIDC Discovery URI V2
- Format: https://{your-subdomain}.onelogin.com/oidc/2/.well-known/openid-configuration
- Replace {your-subdomain} with your OneLogin subdomain (e.g., companyname.onelogin.com).
Provide Information to InfoSum
Share the following information with InfoSum support to complete the setup of your integration:
- Client ID: The public identifier for your app.
- Client Secret: The confidential value used to authenticate your app.
- OIDC Discovery URI: The discovery endpoint for your OneLogin environment.
The main SSO article provides instructions for securely sharing your client secret with InfoSum.
Single Sign-On (SSO) Integration Overview
Testing Your Integration
Once InfoSum completes the SSO setup, test your login using the direct login URL:
Format:
<https://accounts.infosum.com/login/{customername-IDPType}>
Example:
<https://accounts.infosum.com/login/infosum-onelogin>
Alternatively, use the “Sign in with Private SSO” option at the bottom of the InfoSum login screen. This will redirect you to OneLogin’s login portal after entering your email address.
Common Issues and Troubleshooting
Invalid Client ID or Secret Error
- Ensure the Client ID and Client Secret are copied correctly.
- Verify that the Client Secret hasn’t expired.
Redirect URI Mismatch Error
- Confirm the Redirect URI in OneLogin matches exactly with what InfoSum provided.
- Pay attention to case sensitivity and any trailing slashes.
Access Denied Error
- Ensure the user logging in has the necessary permissions in OneLogin.
- Check if the user is assigned to the application in the OneLogin Admin Console.
Expired or Invalid Tokens
- Ensure the Client Secret is still valid and hasn’t expired.
- Verify that system clocks are synchronized to avoid token validation issues.
OIDC Discovery URI Not Found
- Confirm that the subdomain in the OIDC Discovery URI is correct and the whole URI follows the format for V2 shown above in this guide.
- Ensure the application registration exists in your OneLogin environment.
Conclusion
By following this guide, you will successfully configure SSO with OneLogin. Once the integration is complete, your users will be able to securely log in to InfoSum using their OneLogin credentials.
If you encounter any issues during the setup, please contact InfoSum support at support@infosum.com.