To set up single sign-on for OneLogin

Request SSO access from

Only account admins can request single sign-on access for their accounts.

To kick off this process, send an email to Write that you want to set up OneLogin SAML SSO for Include these items in the message:

The Support team will respond with the connection information you’ll need to give in OneLogin.

Add to OneLogin

In the OneLogin top menu, browse to Apps > Add Apps.

In the Find Applications page, search for “SAML Test Connector”. Select SAML Test Connector (Advanced) from the apps list.

On the Configuration page, set the Display Name to “” and click Save.

Paste the SAML information from Support

Click the Configuration tab. Fill in these details from the Support email message:

  • In Audience, paste Audience URI from the email
  • In Recipient, paste Single sign on URL from the email
  • In ACS (Consumer) URL Validator, paste [a-z]{5}:\/\/[a-z.0]{16}\/[a-z]{5}\/[a-z?=-]*
  • In ACS (Consumer) URL, paste Single sign on URL from the email
Set OneLogin to pass email parameter to

Parameters tab

In the Parameters tab, click Add parameter. The New Field dialog is displayed.

New Field dialog

Fill in these details:

  • In Field name, type “email”
  • In the Flags section, select Include SAML assertion

Click Save to continue to the next panel. Select “Email” from the Value list, and click Save again to go back to the Parameters page.

Click Save (in the upper right corner of the page).

Zip the SAML certificate

Click the SSO tab.

Under X.509 Certificate, click View Details. The Standard Strength Certificate page is shown.

X.509 certficiate details

Download the file and zip it. You’ll attach this zip file to an email to the Support team.

Click to return to the SSO tab.

Get your endpoint information

In the SSO tab, copy the SAML 2.0 Endpoint (HTTP). Paste this in the email that you’ll send to the Support team.

Send your SAML details to

Draft a new email to Support. Write that you want to set up OneLogin SSO, and include these items in the message:

  • Your account ID
  • Your zipped certificate (from step 4)
  • Your SAML 2.0 Endpoint (from step 5)
(Optional) Restrict access to specific user groups

Add group

By default, all OneLogin users with access can sign in to your accounts.

You can restrict this access from the Manage users page for each of your accounts. To do this, click Add group, and then paste your group’s name from OneLogin. Do this for each group that should have access to this account.

Receive confirmation from Support

When Support has created your OneLogin + connection, you’re done! You can start logging in to through your Apps portal.