Symptom
We are using OneLogin SAML/SSO and want to integrate our Signavio workspace into it. What steps do we have to perform?
Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.
Resolution
The information provided does not imply that SAP Signavio Product Support have any expertise in setting up 3rd party identity provider (IdP) systems for customers. These are merely bits of information that were gathered over time while configuring the SAML SSO with identity providers, which may help you with a smoother setup. If you require assistance setting up your IdP system, please reach out to your consultant, partner, or specialized support.
The following is a list of instructions for configuring SSO with OneLogin.
You can set up SSO using OneLogin as an identity provider with your organization, to start, go to your OneLogin Admin Panel, https://<<COMPANYNAME>>.onelogin.com/admin (Where COMPANYNAME = your OneLogin registered companyname)
- Once there, go to the menu "Appliations" → "Applications"
- To add a new Application, select "Add App" on the right
- In the search field, type 'Saml test'. NOTE: Please do not use the app that is already there for SAP Signavio as it will not work with SAML.
- Please set up using the following additional information over the defaults:
- Info Tab:
- Please choose a name for your new application and add a SAP Signavio logo for your application.
- Configuration Tab:
- NOTE: Please use the following table and link to configure the OneLogin options, Which SAML ACS URL / EntityID will be used by Signavio?
-
OneLogin Field Equivilent Signavio Option (see link) Audience EntityID Recipient (or Destination) ACS*-field (Recipient)
ACS (Consumer) URL Validator ACS*-field (Recipient) ACS (Consumer) URL ACS*-field (Recipient) SAML nameID format
Email
-
Parameters Tab:
-
Add the below values, please tick '
Name Value NameID value UUID email Email first_name First Name last_name Last Name
-
- Info Tab:
-
Save your settings.
- Download the metadata.
-
Now you have finished the setup in Onelogin for your Signavio app, don't forget to;
- Assign users/groups in OneLogin that you want to access the Signavio app.
- Upload the file that you downloaded in Step.6, into your Signavio workspace, please see Documentation Enable SSO authentication using SAML for your workspace.
If you have any issues setting up Onelogin with Signavio, please open a ticket in SAP for me with the following information:
- Screenshots of the configuration tab
- Screenshots of the parameters tab
- Your workspace ID
- (optional) HAR-file of the SAML response,
Keywords
onelogin, process manager, sso, saml , KBA , BPI-SIG-CA-SEC-SAM , SAML 2.0 for SAP Signavio , How To
Product
Attachments
image2020-8-24_15-45-25.png |
image2020-8-24_15-47-3.png |
image2020-8-24_15-51-55.png |
image2020-8-24_15-56-29.png |
image2020-8-24_16-22-10.png |
image2020-8-24_16-46-56.png |
image2020-8-24_16-48-4.png |