SSO Authentication Setup - OneLogin
Below you will find requirements and instructions for enabling OneLogin SSO for your organization using the Enterprise Management Interface.
- Administrative rights to manage Beams for your organization.
- An active OneLogin subscription with superuser access.
- For Active Directory setup, see: OneLogin's Active Directory Connector Installation Instructions
Note: Once Suitable Technologies is connected to OneLogin, you can use any supported OneLogin authentication method. These include Active Directory, Google Apps, LDAP and more.
Enabling SSO Authentication
Begin by adding the Beam app to your existing OneLogin account.
- Navigate to OneLogin Home and sign into your company's OneLogin Account.
- Select the Apps icon from the main menu, then select Add Apps from the drop-down.
- Search “Beam” in the Find Applications search box.
- Select Beam by Suitable Technologies for SAML2.0 authentication.
- Select Save to add the Beam App to your list of apps.
- A green notification box will appear indicating the successful addition of the Beam App.
- Select SSO from the Beam App main menu.
You are now ready to enter the Enable SAML2.0 configuration data to your organization settings. You must import users directly from Active Directory or manually add users to the Beam App. For more information on how to import users, visit the OneLogin Help Center.
- In a separate browser tab, log into your account at www.suitabletech.com.
- You will be redirected to the Advanced Beam Management Dashboard.
- Select Organization from the main menu.
- Select Authentication from the section menu to view your Authentication Settings.
- Under Authentication Method, click Change next to Beam and/or Google Accounts.
- Select OneLogin, then Continue.
The following instructions will lead you to the necessary information to enter your OneLogin App ID:
- Return to the Beam App SSO settings and locate the field for Issuer URL.
1. Copy the numeric value at the end of the URL.
- Note: This is your company's OneLogin App ID.
- Tab back to the Configure OneLogin form and paste the OneLogin App ID. Hit Continue.
- Next, you will be provided with the option to allow guests access. Allowing guest access will let users not managed by your identity provider be a part of your organization.
- Finally, you will be provided with the option to edit the message sent to all users within the Beam organization informing them of this change.
- Click Confirm and Send E-Mail when complete.
You must verify that your organization owns the domain associated with your user's email accounts.This can be done via DNS TXT or CNAME entry.
- Begin by selecting Add Domain.
- Enter the domain associated with your organization.
- Click Save Domain.
- A green notification box will appear indicating the domain has been successfully added.
- All domains must be verified with a DNS TXT or DNS CNAME.
- Note: Domain verification may take a few hours after saving.
Verify with DNS TXT
- Select the Verify with DNS TXT box under the Domain Management to view instructions for adding a TXT record to your host's DNS settings.
Verify with DNS CNAME
- Select the Verify with DNS CNAME box under the Domain Management to view instructions for adding a CNAME record to your host's DNS settings.