Please complete the following steps to set up SSO using OneLogin.
Log into OneLogin SSO
- Click on Administration (top right)
- Click on Applications in the top drop-down menu, then Applications again
- Click "Add App"
- Search for “SAML Custom Connector (Advanced)” and click on it.
- Display Name – DeleteMe
- Visible in portal (No)
- Icon – DeleteMe Icon (optional)
- Save
On the left-hand side, click on Configuration
- Relay State – Blank
- Audience Entity ID – Customer needs to enter - urn:amazon:cognito:sp:us-east-1_DVSXvqzyB
- Recipient – Blank
- ACS Consumer URL Validator - https://prod1-abine-idp.auth.us-east-1.amazoncognito.com/saml2/idpresponse
- Leave everything else the way it is up until SAML Initiator
- SAML Initiator – Service Provider
- SAML Name ID Format – Unspecified
- SAML Issuer Type – Specific
- SAML Signature Element – Both
- SAML Encryption Method – Leave as is.
- Generate Attribute Value – Select it.
- Sign SLO Request – Select it.
- Sign SLO Response – Select it.
- Save
- Click on Parameters on the left-hand side.
- Select Configured by admin.
- Click on the + button.
- The next step is to be done 3 times: once each for Email, Given Name, and Surname.
- Field Name – Email Address - http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
- Given Name - http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
- Surname - http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
- Select the Include in SAML assertion option.
- Save
- Select value – email/given name/surname
- Save
- Click on SSO on the left-hand side.
- Issuer URL – Copy and send over to DeleteMe
- Go to Users at the top and then Applications
- Assign each member access.
- Bookmark Members
https://prod1-abine-idp.auth.us-east-1.amazoncognito.com/oauth2/authorize?response_type=token&identity_provider=xxxxxx&client_id=4o0tk02413hte9o62hcfog2dc9&redirect_uri=https://sso.joindeleteme.com/sso/&scope=email+openid+aws.cognito.signin.user.admin
- Bookmark Admins
https://prod1-abine-idp.auth.us-east-1.amazoncognito.com/oauth2/authorize?response_type=token&identity_provider=-xxxxxx&client_id=4o0tk02413hte9o62hcfog2dc9&redirect_uri=https://sso.joindeleteme.com/sso/&scope=email+openid+aws.cognito.signin.user.admin
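To confirm the connector sends what the steps above configure, the following added example (not DeleteMe's or OneLogin's code) checks a decoded SAML response from a test login against the Audience Entity ID, the idpresponse URL, and the three claim names on this page. It assumes the response carries a Destination attribute equal to that URL and it does not verify signatures; the sample response and the function name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Values copied from the configuration steps on this page.
EXPECTED_AUDIENCE = "urn:amazon:cognito:sp:us-east-1_DVSXvqzyB"
EXPECTED_ACS = "https://prod1-abine-idp.auth.us-east-1.amazoncognito.com/saml2/idpresponse"
CLAIM_BASE = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
REQUIRED_CLAIMS = [CLAIM_BASE + n for n in ("emailaddress", "givenname", "surname")]

# Constructed sample (not a real capture): the Surname parameter was never added.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    Destination="https://prod1-abine-idp.auth.us-east-1.amazoncognito.com/saml2/idpresponse">
  <saml:Assertion>
    <saml:Conditions><saml:AudienceRestriction>
      <saml:Audience>urn:amazon:cognito:sp:us-east-1_DVSXvqzyB</saml:Audience>
    </saml:AudienceRestriction></saml:Conditions>
    <saml:AttributeStatement>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
        <saml:AttributeValue>user@example.com</saml:AttributeValue></saml:Attribute>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
        <saml:AttributeValue>Pat</saml:AttributeValue></saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""


def check_response(xml_text):
    """Return a list of mismatches between a decoded SAML response and this page's settings."""
    root = ET.fromstring(xml_text)
    problems = []
    # Assumption: the IdP sets Destination to the Cognito idpresponse URL.
    if root.get("Destination") != EXPECTED_ACS:
        problems.append("Destination is not the ACS URL")
    audiences = [a.text.strip() for a in root.findall(".//saml:Audience", NS) if a.text]
    if EXPECTED_AUDIENCE not in audiences:
        problems.append("Audience missing or wrong")
    sent = {}
    for attr in root.findall(".//saml:Attribute", NS):
        values = [v.text for v in attr.findall("saml:AttributeValue", NS) if v.text and v.text.strip()]
        sent[attr.get("Name")] = values
    for claim in REQUIRED_CLAIMS:
        if not sent.get(claim):
            problems.append("missing or empty claim: " + claim)
    return problems


if __name__ == "__main__":
    print(check_response(SAMPLE))
```

An empty list means the response matches the settings above; run it only on a response captured from your own test login.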