Use OneLogin for SSO authentication Learn how to use OneLogin for Single Sign-On (SSO) authentication with SAML 2.0 so members of your organization can sign in to Kobiton using their OneLogin credentials. Get Kobiton parameters First, you’ll need to save a copy of your Kobiton SSO attributes so you can easily add them to your IdP later. First, select your profile name and picture. Then select Settings. Choose SSO Settings. From Basic configuration, copy the following values and save them to a note: Entity ID (or Audience URL) Reply (or SSO, or ACS) URL From User attributes (or parameters), copy the following values and save them to a note: email firstName lastName phoneNumber memberOf Later you’ll finish configuring your Kobiton SSO settings so keep this browser window open. Create IdP application In Onelogin, select Applications, then Add App. In the search bar, enter SAML Test Connector, then select SAML Test Connector (Advanced). Enter a display name and add a logo to customize your sign-in portal, then select Save. You’ll be automatically redirected to your Info page. Select Configuration to go back to setting up OneLogin. Using your Kobiton SSO parameters from earlier, fill out the Application details, then select Save. Map parameters Now that your IdP application is created, you’ll need to create OneLogin SSO parameters mapped to Kobiton. Go to Parameters to get started. Select the blue + icon to open the parameter creation form. Use the following information to create and map each parameter: Parameter 1 Field name: email Value: Email Include in SAML assertion: ☑ Multi-value parameter: ☐ Parameter 2 Field name: firstName Value: First Name Include in SAML assertion: ☐ Multi-value parameter: ☐ Parameter 3 Field name: lastName Value: Last Name Include in SAML assertion: ☑ Multi-value parameter: ☐ Parameter 4 Field name: memberOf Value: User Roles Include in SAML assertion: ☑ Multi-value parameter: ☐ Parameter 5 Field name: phoneNumber Value: Phone Include in SAML assertion: ☑ Multi-value parameter: ☐ When your finished, your five custom parameters will be listed beneath SAML Test Connect (Advanced) Field: Get IdP parameters and download certificate Next you’ll need to save a copy of your OneLogin parameters and download your X.509 certificate. Select SSO to get started. Copy the following values and save them to a note: Issuer URL SAML 2.0 Endpoint (HTTP) SLO Endpoint (HTTP) Next, select View Details. Choose X.509 PEM from the dropdown, then select Download to download your X.509 certificate. Add IdP parameters and certificate to Kobiton Now, you’ll need to add your IdP parameters and certificate to your Kobiton organization. In your SSO Settings, scroll down to Set up at Kobiton side. Add your IdP parameters and certificate to the following: Identity provider issuer Identity issuer URL Identity provider sign in URL Identity provider sign out URL Identity provider certificate Verify and save configuration If you enable Enforce users to login to Kobiton only through SSO, you’ll also gain access to Specify Organization Access Restrictions with the ability to enable Pass role/team assignments to users in the SAML validations. Choose the method that’s best for your organization. After you’ve chosen a method, select Verify to test your SSO configuration. If you received a successful response, select Save to complete your SSO configuration.