- Log in to OneLogin.
- In the SSO Configuration section, configure the following settings:
- Enable 'Signing users in to OneLogin'
- Add the M-Pin SSO Server Entity ID (found under Global Settings > SSO information in the M-Pin SSO web console)
- Add the M-Pin SSO X.509 certificate (found under Global Settings > SSO information in the M-Pin SSO web console)
In the M-Pin SSO web console:
- Under Integration, click on the + button next to OneLogin profiles.
The Add OneLogin profile page is displayed.
- Complete the required fields and save the profile. Settings:
- Name: (required) – name of the profile, e.g. Sample OneLogin Profile
- LDAP Profile: – if you have any LDAP profiles configured, they will be available in this drop-down
- Recipient URL: – IAM end point for the client app (if any)
- Subdomain: (required) – The subdomain of the OneLogin domain which your company has registered in the OneLogin account (usually the company name) and which is used to access the provider, e.g. if your - OneLogin URL is https://mycompany.onelogin.com, then the subdomain is 'mycompany'.
After saving, the profile is displayed on the OneLogin profiles page.
From this point on, when your users visit the OneLogin service and enter an email address belonging to the profile just set up, OneLogin will detect that single sign-on is enabled and a password will no longer be necessary.