Create an app in OneLogin IdP
OneLogin is a popular Identity Provider. Its database is used to identify principals (users) before they can log in. This article shows how to create a OneLogin app and use the app to configure a SAML 2.0 SSO sign-in mechanism on your SearchUnify search clients.
Prerequisites
Obtain a security certificate from the SearchUnify team. The certificate is stored in a file with the extension .pem.
Create an App
- Navigate to Applications and click Applications.
- Click Add App.
- Search for "saml" and open SAML custom connector (Advanced) from the search results.
- Give the app a name in the Display Name field. Optionally, insert an app icon and description. Then, click Save.
- A new menu appears on the left of your screen. Click Configuration.
- Enter the following details and click Save.
  - Recipient: Enter {{base URL}}/callback, where {{base URL}} is your SearchUnify instance.
  - ACS (Consumer) URL Validator: Enter http:/\/\{{base URL}}/\callback, where {{base URL}} is your SearchUnify instance without the http:// prefix.
  - ACS (Consumer) URL: Enter {{base URL}}/callback, where {{base URL}} is your SearchUnify instance.
- Move to Parameters. Select either Configured by admin or Configured by admins and shared by all users. Then click .
- Enter User.FirstName in Field Name. Check Include in SAML assertion and click Save.
- Select First Name in Value and click Save.
- Using , add three more fields: User.LastName, User.Email, and User.PersonImmutableID. Give them the values Last Name, Email, and OneLogin ID, respectively. In the end, the Parameters screen should resemble the following image.
- Move to SSO. Copy X.509 Certificate, Issuer URL, SAML 2.0 Endpoint (HTTP), and SLO Endpoint (HTTP).
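To confirm that the Recipient and Parameters settings above took effect, the following added example (not SearchUnify or OneLogin code) checks a base64-encoded SAMLResponse from your own test login for the expected Recipient and the four configured fields. The function names, the base URL https://searchunify.example.com, and the sample response are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Field names configured on the Parameters tab in this article.
REQUIRED = ("User.FirstName", "User.LastName", "User.Email",
            "User.PersonImmutableID")

def check_response(b64_response, base_url):
    """Return problems found in a base64 SAMLResponse (empty list = OK).
    Diagnostic only: no signature verification. Use it on responses from your
    own test login; for untrusted XML use a hardened parser such as defusedxml."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    expected = base_url.rstrip("/") + "/callback"
    scd = root.find(".//saml:SubjectConfirmationData", NS)
    recipient = scd.get("Recipient") if scd is not None else None
    if recipient != expected:
        problems.append(f"Recipient is {recipient!r}, expected {expected!r}")
    values = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        val = attr.find("saml:AttributeValue", NS)
        values[attr.get("Name")] = (val.text or "").strip() if val is not None else ""
    for name in REQUIRED:
        if not values.get(name):
            problems.append(f"missing or empty attribute {name}")
    return problems

def build_sample(recipient, attributes):
    """Constructed, unsigned sample response used only for the demo below."""
    attr_xml = "".join(
        f'<saml:Attribute Name="{n}"><saml:AttributeValue>{v}'
        f'</saml:AttributeValue></saml:Attribute>'
        for n, v in attributes.items())
    xml = (f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}">'
           '<saml:Assertion><saml:Subject><saml:SubjectConfirmation>'
           f'<saml:SubjectConfirmationData Recipient="{recipient}"/>'
           '</saml:SubjectConfirmation></saml:Subject>'
           f'<saml:AttributeStatement>{attr_xml}</saml:AttributeStatement>'
           '</saml:Assertion></samlp:Response>')
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    base = "https://searchunify.example.com"  # assumed SearchUnify base URL
    attrs = {"User.FirstName": "Ada", "User.Email": "ada@example.com"}
    for problem in check_response(build_sample(base + "/callback", attrs), base):
        print(problem)
```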