SAP Knowledge Base Article - Public

3242383 - We are using OneLogin SAML/SSO and want to integrate our SAP Signavio workspace into it. What steps do we have to perform?

Symptom

We are using OneLogin SAML/SSO and want to integrate our Signavio workspace into it. What steps do we have to perform? 

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Resolution

The information provided does not imply that SAP Signavio Product Support have any expertise in setting up 3rd party identity provider (IdP) systems for customers. These are merely bits of information that were gathered over time while configuring the SAML SSO with identity providers, which may help you with a smoother setup. If you require assistance setting up your IdP system, please reach out to your consultant, partner, or specialized support.

The following is a list of instructions for configuring SSO with OneLogin.

You can set up SSO using OneLogin as an identity provider with your organization, to start, go to your OneLogin Admin Panel, https://<<COMPANYNAME>>.onelogin.com/admin (Where COMPANYNAME = your OneLogin registered companyname)

  1. Once there, go to the menu "Appliations" → "Applications"



  2. To add a new Application, select "Add App" on the right



  3. In the search field, type 'Saml test'. NOTE: Please do not use the app that is already there for SAP Signavio as it will not work with SAML.


  4. Please set up using the following additional information over the defaults:
    1. Info Tab:
      1. Please choose a name for your new application and add a SAP Signavio logo for your application.
    2. Configuration Tab:
      1. NOTE: Please use the following table and link to configure the OneLogin options, Which SAML ACS URL / EntityID will be used by Signavio?
      2. OneLogin FieldEquivilent Signavio Option (see link)
        AudienceEntityID
        Recipient (or Destination)

        ACS*-field (Recipient)

        ACS (Consumer) URL ValidatorACS*-field (Recipient)
        ACS (Consumer) URLACS*-field (Recipient)

        SAML nameID format

        Email

    3. Parameters Tab:

      1. Add the below values, please tick '

        NameValue
        NameID valueUUID
        emailEmail
        first_nameFirst Name
        last_nameLast Name

  5. Save your settings.




  6. Download the metadata.



  7. Now you have finished the setup in Onelogin for your Signavio app, don't forget to;

If you have any issues setting up Onelogin with Signavio, please open a ticket in SAP for me with the following information:

  • Screenshots of the configuration tab
  • Screenshots of the parameters tab
  • Your workspace ID
  • (optional) HAR-file of the SAML response,

Keywords

onelogin, process manager, sso, saml , KBA , BPI-SIG-CA-SEC-SAM , SAML 2.0 for SAP Signavio , How To

Product

SAP Signavio Process Manager all versions ; Signavio Process Manager all versions

Attachments

image2020-8-24_15-45-25.png
image2020-8-24_15-47-3.png
image2020-8-24_15-51-55.png
image2020-8-24_15-56-29.png
image2020-8-24_16-22-10.png
image2020-8-24_16-46-56.png
image2020-8-24_16-48-4.png