This article explains setting up your OneLogin SSO provider with Expel Workbench
-
Log into your OneLogin Console and navigate to Administration in the top right corner.
-
Navigate to Applications > Add App.
-
Search for SAML and select SAML Test Connector (IdP w/attr w/ sign response).
-
Under Portal:
-
Display Name: Expel Workbench.
-
-
Select Configuration in the left navigation.
Copy information from Expel Workbench to complete the integration.
-
Open a new tab or window and log in to Expel Workbench (https://workbench.expel.io).
-
Navigate to Organization Settings > My Organization and select the organization.
-
On the Integrations tab, click Single Sign-on > Configure SSO.
-
Copy and paste the following from Expel Workbench into OneLogin.
-
ACS URL or Single Sign-on URL → ACS (Consumer) URL.
-
Audience URI or Audience → Audience.
-
ACS URI Validator → ACS (Consumer) URI Validator.
-
Leave Yes, allow users to log in locally OR via SSO selected for local logins. This makes initial SSO setup easier. You can change this later.
-
-
In Expel Workbench, click Next.
-
In OneLogin, in Parameters, do the following:
-
Click the “+” button on the left to add a new parameter.
-
For Field name type the word email and select Include SAML assertion. Click Save.
-
-
Click Save in the upper right corner.
-
For Value, select Email from the list and click Save.
-
Navigate to SSO in the left navigation.
-
Right-click and open in a new tab or window View Details under the X.509 Certificate.
-
Copy and paste the X.509 Certificate from OneLogin into Expel Workbench.
-
Back in the SSO window, copy and paste the following from OneLogin into Expel Workbench.
-
SAML 2.0 Endpoint (HTTP)→ Single Sign-On URL or SAML 2.0 Endpoint.
-
Issuer URL → Issuer or Issuer ID.
-
-
Click Save in Expel Workbench.
-
Click Save in OneLogin.