Configuring Single Sign On with OneLogin

Highfive Admin users on our Standard, Professional, and Professional Plus plans can use the information below to set up Single Sign On (SSO) with OneLogin. For general information about SSO, please refer to this main article

To configure SSO with OneLogin, you'll need to be logged into your Domain Dashboard in Highfive, as well as your OneLogin dashboard. 

Step 1: Create a new application in OneLogin

In the top menu bar, click Apps, and then click Add Apps.  

Step 2: Create a new SAML Test Connector (IdP)

Search for SAML Test Connector (IdP), and click that option. 

Step 3: Add an app description

Under Display Name, name this app Highfive. If you'd like to add our logo, it's provided below.  

Rectangle:

 

Square:

Once you're done, click Save

Step 4: Configure the Highfive Application

After clicking Save, click on the Configuration tab. Copy your Highfive SSO URL from your Highfive Domain Dashboard and paste it into the ACS (Consumer) URL* field. Next, convert your Highfive SSO URL into regular expression and paste that into the ACS (Consumer) URL Validator* field. For information on regular expression, visit this link.

Lastly on this page, click Save.  

Step 5: Add customer parameters

After saving, click on the Parameters tab. Then, click Add Parameter.

You'll need to create 3 parameters, one each named as such:

  • user.email
  • user.firstName
  • user.lastName

For each box, click the box for Add to Saml Assertion.

After adding each parameter, you'll need to reclick on all 3 and choose the correct corresponding value. For example, user.firstName=First Name. 

Lastly, click Save

 

Step 6: Access your SSO information in OneLogin

After clicking Save on the previous page, click SSO. You'll need this information for Step 7.

Step 7: Provide Highfive with your SAML information

After accessing the information from the previous step, click on Authentication in your Highfive Domain Dashboard. You'll want to copy and paste the information from OneLogin into Highfive. Some of the names might be slightly different, so here's what you're looking for. 

Name in Highfive  Name in OneLogin
SAML Provider URL SAML 2.0 Endpoint (HTTP)
SAML Provider Issuer Issuer URL
SAML Provider X.509 Certificate X.509 Certificate (click view details to view/copy certificate)

Paste that information into the appropriate fields below: 

Step 8: Test the configuration 

Make sure all of the information has been provided correctly by clicking 'Test Configuration.' If everything is correct, you'll get this success message: 

Step 9: Apply Configuration

This is important, nothing will be saved if you don't click Apply Configuration.

And that's it! From now on, when your users go to login to Highfive, they'll be redirected to an OneLogin sign in flow. They'll login with their OneLogin credentials, and then be redirected back to the app. 

Have more questions? Submit a request

Comments

Powered by Zendesk