Skip to main content
Version: Config V2

OneLogin Identity Provider

Connect ConfigCat with OneLogin via SAML.


Each SSO Identity Provider requires specific information to configure a SAML integration. The following guide will walk you through how you can connect ConfigCat with OneLogin as a SAML Identity Provider.

1. Create an Application in OneLogin

  • Log in to OneLogin, and select Applications.

    OneLogin applications
  • Click on Add App.

    OneLogin add application
  • Type SAML into the search bar, and select SAML Custom Connector (Advanced).

    OneLogin select APP
  • Enter a descriptive Display Name, then click Save.

    OneLogin app name

The next step will guide you on how to collect the information required for the appearing Configuration page.

2. Configure SAML for the OneLogin Application

  • Open your organization's authentication settings on the ConfigCat Dashboard.

    ConfigCat authentication settings

    ConfigCat Add Identity Provider
  • Give a name for your Identity Provider, and click Create.

    ConfigCat Name Identity Provider
  • From the next section of the dialog, copy the following values and paste them into the OneLogin application's configuration page.

    • Copy Entity ID and paste it into the Audience (EntityID) field.

    • Copy Assertion Consumer Service and paste it into the ACS (Consumer) URL field.

    • Paste the same Assertion Consumer Service into the ACS (Consumer) URL Validator field in regex format e.g. ^https:\/\/dashboard\-api\.configcat\.com\/saml\/acs\/08db93fc\-c4e7\-441f\-834f\-17c804385c29$

      ConfigCat SAML configuration OneLogin SML configuration
  • Scroll down a bit on this page and configure the following:

    • Select OneLogin as SAML Initiator.

    • Select Email as SAML nameID format.

    • Select Both as SAML signature element.

      OneLogin SAML initiator
  • Select Parameters, and make sure there is a NameID value entry under the SAML Custom Connector (Advanced) Field with the value Email.

    OneLogin nameID
  • Select SSO, then select SHA-256 as SAML Signature Algorithm.

    OneLogin SAML Signature Algorithm

3. Configure ConfigCat with SAML Details from OneLogin

You can choose one of the following options to configure ConfigCat with SAML Identity Provider metadata.

  • Select SSO, and copy the value of Issuer URL.

    OneLogin SAML SSO configuration
  • Paste the copied value into the Metadata URL field at ConfigCat.

    ConfigCat SAML configuration
  • Select the trusted domains. Only user accounts from trusted domains can login with SAML SSO. You can bind multiple verified domains to a SAML Identity Provider.

    Select trusted domains
  • Click on Save.

4. Assign the OneLogin Application to Users

To let users authenticate via SAML, you need to assign the newly created application to them.

  • Select Users.

    OneLogin users
  • Select the user you want to get access to the application.

    OneLogin select user
  • Select Applications, then click on the + sign.

    OneLogin add application
  • Select your application, then click Continue.

    OneLogin application added
  • Click Save.

    OneLogin application details

5. Sign In

  • Go to the ConfigCat Log In page, and click COMPANY ACCOUNT - SAML.

    ConfigCat SAML login
  • Sign in with your company email address assigned to the OneLogin application.

    ConfigCat SAML company login
  • ConfigCat will redirect you to OneLogin's sign in page. Type your credentials, and click Continue.

    OneLogin SAML login
  • You should be redirected to ConfigCat signed in with your company account.

6. Next Steps