Configuring Single Sign-on with Onelogin

This article is intended as a step-by-step guide to set up Onelogin as an Identity Provider for Zilla. Once this integration is complete, all users will be able to sign into Zilla with Onelogin.

Prerequisites

  • You must have an admin account with Zilla Security

  • SSO must not already be configured; if it is, delete the existing SSO configuration in admin settings first

  • You must be logged in as a Onelogin Super User, or have the “Manage Applications” Privilege

Step 1: Onelogin App Connector Creation

In your Onelogin admin console, select “Applications”, then “Add App”.

Search for and select the “SAML Custom Connector (Advanced)”.

Rename the application as desired, and add the Zilla icon from our Image Assets.

Step 2: Onelogin Custom Parameter Setup

In your Onelogin Connector, navigate to the “Parameters” section. We will be adding 3 custom parameters to this connector, as Zilla expects these exact values in a SAML assertion:

  • email

  • firstName

  • lastName

When creating these values, map each one to its corresponding Onelogin field, and be sure to check the box for “Include in SAML Assertion”.

Step 3: Zilla SAML Provider Setup

Log in as a Zilla admin. After clicking the account settings (gear) icon on the top right of the page, select the “Configure” button for “Single Sign-On Provider”.
Select “SAML”, then “Configure”.

A setup window will appear.

Copy the “Zilla ACS URL” and “Zilla Entity ID” to your clipboard.

In Onelogin, select the “Configuration” tab of your new connector and paste these values into the appropriate fields.

For the “ACS URL Validator”, use the following value: ^https:\/\/app\.zillasecurity\.com\/$ and hit Save.

It is important to use the exact value above for security reasons: the validator is a regular expression that the ACS URL must match, and “.*” matches any URL. Using “.*” as an ACS Validator is not suited for production use in any application.
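What the warning above means in practice, as an added example (not Zilla or Onelogin code): a small Python check that lints an ACS validator regex and lists which constructed probe URLs it would accept. It goes slightly beyond the page by also testing an unanchored, unescaped variant; `LOOSE`, the probe URLs, and the use of Python's `re.search` as the matching semantics are assumptions.

```python
import re

PAGE_VALIDATOR = r"^https:\/\/app\.zillasecurity\.com\/$"  # value from this guide
WILDCARD = r".*"                                # the setting the guide warns against
LOOSE = r"https://app.zillasecurity.com/"       # constructed: no anchors, dots unescaped

# Constructed probe URLs; look-alike hosts use the reserved .example TLD.
PROBES = [
    "https://app.zillasecurity.com/",
    "http://app.zillasecurity.com/",
    "https://app.zillasecurity.com.attacker.example/",
    "https://appXzillasecurity.com/",
    "https://attacker.example/?next=https://app.zillasecurity.com/",
]

def accepted(validator, urls=PROBES):
    """Return the probe URLs that a validator regex would accept.

    Assumption: the validator is applied as an unanchored search, so only
    explicit ^ and $ in the pattern pin the match to the whole URL.
    """
    rx = re.compile(validator)
    return [u for u in urls if rx.search(u)]

def lint(validator):
    """Heuristic structural checks for an ACS URL validator regex."""
    findings = []
    if not validator.startswith("^"):
        findings.append("not anchored at start")
    if not validator.endswith("$"):
        findings.append("not anchored at end")
    if not re.match(r"\^?https:", validator):
        findings.append("scheme not pinned to https")
    # A '.' without a preceding backslash matches any character.
    if re.search(r"(?<!\\)\.", validator):
        findings.append("unescaped '.' matches any character")
    return findings

if __name__ == "__main__":
    for name, v in [("page", PAGE_VALIDATOR), ("wildcard", WILDCARD), ("loose", LOOSE)]:
        print(f"{name}: {v}")
        print("  lint findings:", lint(v) or "none")
        for url in accepted(v):
            print("  accepts:", url)
```

Run it before saving a validator that differs from the one in this guide; any probe other than the real Zilla URL appearing under "accepts" means the pattern is too broad.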

 

Next, in Onelogin, proceed to the “SSO” section.


Copy the “SAML 2.0 Endpoint” and the “Issuer URL”, and paste the values into the Zilla “IDP SSO URL” and “IDP Entity ID” respectively.

In Onelogin, select “View Details” of your X.509 Certificate. Copy this value to your clipboard.

Important: When pasting this certificate into the Zilla “IDP X.509 Certificate” field, you will need to remove “-----BEGIN CERTIFICATE-----” and “-----END CERTIFICATE-----” from the pasted value.

Select “Validate” in the Zilla SSO Configuration window. The test should be successful if the admin testing the configuration has been assigned to the Zilla connector in Onelogin correctly.

Once you have imported users from your directory into Zilla, both Admins and Reviewers should now be able to use Onelogin SSO for Zilla.