Highfive Admin users on our Standard or Professional plans can use the information below to set up Single Sign On (SSO) with OneLogin. For general information about SSO, please refer to this main article.
To configure SSO with OneLogin, you'll need to be logged into your Domain Dashboard in Highfive, as well as your OneLogin dashboard.
Step 1: Create a new application in OneLogin
In the top menu bar, click Apps, and then click Add Apps.
Step 2: Create a new SAML Test Connector (IdP)
Search for SAML Test Connector (IdP), and click that option.
Step 3: Add an app description
Under Display Name, name this app Highfive. If you'd like to add our logo, it's provided below.
Rectangle:
Square:
Once you're done, click Save.
Step 4: Configure the Highfive Application
After clicking Save, click on the Configuration tab. Copy your Highfive SSO URL from your Highfive Domain Dashboard and paste it into the ACS (Consumer) URL* field. Next, convert your Highfive SSO URL into regular expression and paste that into the ACS (Consumer) URL Validator* field. For information on regular expression, visit this link.
Lastly on this page, click Save.
Step 5: Add customer parameters
After saving, click on the Parameters tab. Then, click Add Parameter.
You'll need to create 3 parameters, one each named as such:
- user.email
- user.firstName
- user.lastName
For each box, click the box for Add to Saml Assertion.
After adding each parameter, you'll need to reclick on all 3 and choose the correct corresponding value. For example, user.firstName=First Name. 
Lastly, click Save.
Step 6: Access your SSO information in OneLogin
After clicking Save on the previous page, click SSO. You'll need this information for Step 7.
Step 7: Provide Highfive with your SAML information
After accessing the information from the previous step, click on Authentication in your Highfive Domain Dashboard. You'll want to copy and paste the information from OneLogin into Highfive. Some of the names might be slightly different, so here's what you're looking for.
| Name in Highfive | Name in OneLogin |
| SAML Provider URL | SAML 2.0 Endpoint (HTTP) |
| SAML Provider Issuer | Issuer URL |
| SAML Provider X.509 Certificate | X.509 Certificate (click view details to view/copy certificate) |
Paste that information into the appropriate fields below:
Step 8: Test the configuration
Make sure all of the information has been provided correctly by clicking 'Test Configuration.' If everything is correct, you'll get this success message:
Step 9: Apply Configuration
This is important, nothing will be saved if you don't click Apply Configuration.
And that's it! From now on, when your users go to login to Highfive, they'll be redirected to an OneLogin sign in flow. They'll login with their OneLogin credentials, and then be redirected back to the app.
Comments