Enable Single SignOn from Onelogin to your Canary Console with these steps.
Step 1: Create a support request to enable SAML
Drop us a note at email@example.com to enable SAML and we’ll get your Console ready.
We'll enable SAML support on your Console which will generate the parameters you need.
Step 2: Log in to your Canary Console and copy the SAML parameters
Login to your Console, click "Setup" on the top navbar, then "SAML" on the left menu:
Step 3: Log in to Onelogin and click "Administration" to get to the administration page
Step 4: Load the Apps page
Click "Apps", then "Company Apps":
Step 5: Add "SAML Test Connector (Advanced)" App
Click "Add App":
Search for "SAML Test Connector", and click on "SAML Test Connector (Advanced)":
Step 6: Enter SAML details
Choose a name for your Onelogin Canary application and click "Save":
Then click on the "Configuration" tab:
In the "Audience" field, paste your Entity ID from Step 2 (don't forget the trailing forward slash). In the "Recipient", "ACS URL Validator" and "ACS URL" fields, paste your ACS URL from Step 2:
Scroll down to the "SAML signature element", and make sure "Assertion" is selected:
Lastly, click "Save":
Step 7: Download SAML Metadata
Click "More actions", then "SAML Metadata":
Step 8: Grant Onelogin access permissions if necessary
Almost there! You may need to assign or grant permissions to use the Canary Console app, depending on your Onelogin setup:
Your Onelogin configuration is done!
Step 9: Send us the SAML Metadata
Send the SAML metadata file from Step 7 to us in your support ticket. We will configure your Console with the IdP metadata and confirm when SAML support is fully set up.
Step 10: Test login from both the Console and Onelogin
You'll know it's working when you see your Console Login page show a "Login with SSO" button:
Click the button to initiate the SSO login.
You'll also be able to login to your Console by clicking on your Canary app panel inside the Onelogin dashboard: