How can we help?

Search

How to Implement SSO OneLogin (IdP) to Allbound (SP)

Steve
Steve
  • Updated

Purpose

Allbound has the capability to support SAML SSO with OneLogin as the Identity Provider (IdP). The purpose of this article is to assist Allbound System Admins with implementing a SAML SSO from OneLogin (Identity Provider) to Allbound (Service Provider). 

 

Configuring OneLogin

When you are in the OneLogin Admin View...

  1. Navigate to the Applications > Applications tab
  2. Click on the "Add App" button in the top right-hand of the screen
  3. Search for "saml" on the Find Applications page
  4. Select the "SAML Custom Connector (Advanced)"

Give the app a display name like "Allbound SSO" and then save it.

Once you have created a new SAML app, now it is time to configure it. Use the following field => value settings for your Allbound SSO configuration.

 

Audience (EntityId) => https://your-domain.allbound.com/

Recipient => https://your-domain.allbound.com/acs

ACS (Consumer) URL Validator => https://your-domain.allbound.com/acs

ACS (Consumer) URL => https://your-domain.allbound.com/acs

SAML initiator => OneLogin

SAML nameID format => Email

SAML issuer type => Specific

SAML signature element => Response

Once you have those configurations in place, navigate to the Parameters tab. Once on the Parameters tab create the following attributes with the + button.

Make sure to check to include in the SAML assertion.

Once you have configured the 3 custom attributes, navigate to the SSO tab. This will have all of the necessary information to conclude the configuration on the Allbound side. 

Configuring Allbound

If you are an Allbound System Admin...

  1. Go to Allbound Settings > SSO Configurations
  2. Under the SAML tab, click "Add New Connection" 
  3. Then, click "Create IDP to Connect To"

Use the following color chart to match the values from the SSO tab from OneLogin to Allbound by copy/pasting the values.

When saving the certificate, be sure to paste it as plain text through a right or ctrl-click for Mac.

 

Lastly, we will need to add the following attribute mappings.

Once you have all of the information entered, save the configuration. After creating the configuration, near the bottom of the page, you will now see what your SP-Initiated SSO URL is. It will look something like...

 

Testing & Implementation

Now that you have a working configuration, you may log out and use your SP-Initiated SSO URL to test. Allbound does support just-in-time provisioning/user updating so if a user does not exist in Allbound, they will be created. You may also now be able to create an SSO Login button in SSO Options settings. You can find more information on all of the available SSO options here. 

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request