Articles in this section
Category / Section

Configuring SAML 2.0 with OneLogin

2 mins read

The OneLogin platform is an access management system that uses single sign-on (SSO) and a cloud directory to enable organizations to manage user access to on-premises and cloud applications. It is a tool to help empower employees, customers and partners with secure access to your cloud and company apps on all devices.

Basically, it gives a layer of security and access to manage business applications. Instead of having to remember multiple passwords, URL, and what apps you have access to, you are directed to an easy application catalog that will list your apps and can provide single sign-on. 

Here is how users can configure SAML in BrainCert with OneLogin.

Step 1: Login to your OneLogin account

Login to your OneLogin account. Click on the Application menu and select Applications.

Step 2: Select SAML Test Connector

Click on Add App ** and search for **SAML Test Connector and select the app.

Step 3: Create a New SAML Application

Create new SAML Application and provide the display name and click Save

Step 4: Configure OneLogin

To configure OneLogin with details from your BrainCert SSO dashboard, enter all the service provider details from the BrainCert LMS SSO dashboard to the OneLogin (IdP) Configuration Dashboard.

Copy Audience(Entity ID)RecipientACS (consumer) URL ValidatorACS(Consumer) URL and Single Logout URL and paste it in the corresponding fields in OneLogin (IdP). Leave the remaining field blank.

BrainCert Dashboard

OneLogin Dashboard:

Step 5: Add the Identity Provider Details From OneLogin

To add the identity provider details from OneLogin to BrainCert SAML dashboard, go to the SSO tab *on the OneLogin menu and copy the the *Issuer URL, the SAML 2.0 Endpoint, and the SLO Endpoint *and paste it in BrainCert *Identity Provider Details field.

OneLogin Dashboard:

Click on View Details below the X.509 certificate field and it will redirect you to the certificate page. Copy the X.509 Certificate and paste in the LMS Dashboard

BrainCert Dashboard

Paste the Issuer URL from OneLogin at the Entity Id on BrainCert. SAML 2.0 Endpoint *in *SSO Service Url field, SLO Endpoint *in *SSO Logout Service URL, and also paste the X.509 Certificate . Once this is done, save the settings.

Step 6: Profile Field Mapping

Now add the parameter Group to map BrainCert to OneLogin. Click the parameter tab on the OneLogin dashboard and add the attributes emailFirst NameLast Name and Username as given in the LMS Profile Field Mapping.

BrainCert Dashboard:

OneLogin Dashboard:

Select the parameters tab on the OneLogin dashboard and click Add Attributes

Enter the attributes and select the checkbox “Include in SAML Assertion” and click save

Step 7: Group Mapping

Click on the Group Mapping in the LMS and select the default group and roles from the drop down menu. Note that users will automatically be registered in these groups at their first login. They will also be enrolled in all the courses/test assigned to that group.

Save all the settings and check your configuration. Once you have double checked the configuration, open the LMS SSO identity providers and click on Connect.

Congrats, you have successfully configured SAML with OneLogin.

Was this article useful?
Help us improve this page
Please provide feedback or comments