1. Expel Support Center
  2. Getting started with Expel Workbench™
  3. Getting set up and ready to go in Workbench
  4. Connecting your single sign on tools

Configuring your OneLogin SSO provider with Workbench

Sharon Burton
  • Updated

  1. Log into your OneLogin Console and navigate to Administration in the top right corner.

  2. Navigate to Applications in the main top navigation.

  3. Select Add App in the top right.

  4. Search for SAML and select SAML Test Connector (IdP w/attr w/ sign response).

    Screen_Shot_2021-03-08_at_7.11.50_AM.png

  5. Under Portal:

    • Display Name: Expel Workbench.

    • Upload our logo and click Save. You can right-click this image and save it locally.

      Expel Logo

    • Click Save in the upper right corner.

  6. Select Configuration in the left navigation.

  7. Copy information from Expel Workbench to complete the integration. Open a new tab or window and log in to Expel Workbench (https://workbench.expel.io).

  8. Navigate to Settings > My Organizations and select the organization. Then click the Integrations tab and click the Configure SSO under Single Sign-on.

    Screen_Shot_2021-03-08_at_7.12.31_AM.png

  9. Copy and paste the following from Expel Workbench into OneLogin.

    • ACS URL or Single Sign-on URL → ACS (Consumer) URL.

    • Audience URI or Audience → Audience.

    • ACS URI Validator → ACS (Consumer) URI Validator.

    • Leave Yes, allow users to log in locally OR via SSO selected for local logins. This makes initial SSO setup easier. You can change this later.

      Screen_Shot_2021-03-08_at_7.13.11_AM.png

  10. In Expel Workbench, click Next.

    • Select Parameters from the left navigation.

    • Click the “+” button on the left to add a new parameter.

    • For Field name type the word email and select Include SAML assertion. Click Save.

      Screen_Shot_2021-03-08_at_7.13.42_AM.png

  11. In OneLogin, click Save in the upper right corner.

    • For Value, select Email from the list and click Save.

      Screen_Shot_2021-03-08_at_7.14.13_AM.png

  12. Navigate to SSO in the left navigation.

  13. Right-click and open in a new tab or window View Details under the X.509 Certificate.

  14. Copy and paste the X.509 Certificate from OneLogin into Expel Workbench.

    Screen_Shot_2021-03-08_at_7.14.44_AM.png

  15. Back in the SSO window, copy and paste the following from OneLogin into Expel Workbench.

    • SAML 2.0 Endpoint (HTTP)→ Single Sign-On URL or SAML 2.0 Endpoint.

    • Issuer URL → Issuer or Issuer ID.

      Screen_Shot_2021-03-08_at_7.15.18_AM.png

  16. Click Save in Expel Workbench.

  17. Click Save in OneLogin.

Important

Before signing in with SSO, make sure that:

  • In your SSO provider, Workbench is assigned to all intended users.

  • The user email addresses in your SSO provider match the email that's configured for the users in Workbench. The emails are case sensitive.

  • New members of your organization that need access to Workbench have user accounts created in Workbench and have Workbench assigned to them in your Identity Provider.

  • After you finish testing and setting up, in Workbench, you can disable local logins by clicking Edit from the list, and clicking No, users can ONLY log in via SSO. Then click Next > Next > Save to save.

  • Was this article helpful?

  • 0 out of 0 found this helpful

Related articles