/
Configuring Single Sign-on with Onelogin

Configuring Single Sign-on with Onelogin

Overview

Onelogin is one of the Identity Providers that your organization can configure for SSO and use to log in to your Zilla Security tenant.

Scope: Admins

This article covers the following topics:

Prerequisites

  • Admin account with Zilla Security

  • SSO has not been configured or SSO configuration has been deleted in admin settings

  • You must be logged in as a Onelogin Super User or have the Manage Applications privilege

Onelogin App Connector Creation

  1. In your Onelogin admin console, click the Applications tab, then click Add App.

  2. Search for and select the SAML Custom Connector (Advanced).

  3. Rename the application as desired. Add the Zilla icon from our Image Assets.

Onelogin Custom Parameter Setup

  1. In your Onelogin Connector, navigate to Parameters.

  2. Zilla expects the exact values listed below in a SAML assertion. Add 3 custom parameters to the connector for:

  • email

  • firstName

  • lastName

  1. When creating these values, map them to their appropriate Onelogin field and be sure to select the Include in SAML Assertion check box.

Zilla SAML Provider Setup

  1. Log in as a Zilla admin and click on the Settings tab on the left side of the page. On the Discovery & Configuration tab, expand the Single Sign-On Provider dropdown and click Configure.

Settings.png

  1. Select SAML and then click Configure.

Configure SSO.png

A Configure SAML window will appear.

  1. Copy the Zilla ACS URL and Zilla Entity ID to your clipboard.

  2. In Onelogin, click the Configuration tab of your new connector and paste these values into the appropriate spaces.

  1. For the ACS URL Validator field, use the following value: ^https:\/\/app\.zillasecurity\.com\/$ and click Save.

For security reasons, please ensure you use the exact value above. Using .* as an ACS Validator is not suited for production use in any application.

  1. In Onelogin, proceed to the SSO section.


13. Copy the SAML 2.0 Endpoint and the Issuer URL values, and paste them into the Zilla IDP SSO URL and IDP Entity ID, respectively.

  1. In Onelogin, click View Details of your X.509 Certificate. Copy this value to your clipboard and paste it into the Zilla IDP X.509 Certificate field.

Important: When pasting this certificate into the Zilla IDP X.509 Certificate field, you will need to remove -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- from the pasted value.

  1. Click Validate in the Zilla SSO Configuration window. The test should be successful if the admin testing the configuration has been assigned to the Zilla connector in Onelogin correctly.

Any reviewers, technical owners, or app owners can now log in to Zilla to see the apps and reviews they have been assigned using Onelogin SSO.

When you have completed the steps above, review the information that was synced in Zilla. If you encounter any issues, please refer to our troubleshooting articles or visit support.zillasecurity.com and submit a ticket. Our support team will assist you in resolving the problem as quickly as possible.