OneLogin
    • 08 Jun 2022
    • PDF

    OneLogin

    • PDF

    Article summary

    The OneLogin integration allows you to sync SysAid with your OneLogin account so you can automatically log in to SysAid whenever you log in to OneLogin.

    For this integration to work, you must be running SysAid 16.1.25 or higher.

    Note

    Only an admin with SysAid Administrator permissions can set up this integration.

    You cannot activate this integration if another single-sign on integration has already been enabled for SysAid.

    Set up the SysAid app in OneLogin

    1. In your OneLogin admin account, navigate to Applications > Add App.
    2. Use the search bar to search for the term saml custom.
    3. Select SAML Custom Connector (Advanced).
      IntegrationOneLoginfiles01oneloginfindapplications.png
    4. In the Display Name, enter SysAid.
    5. Ensure that the Visible in Portal setting is enabled.
    6. (Optional) Upload an image for the SysAid App icon in OneLogin:
      1. Select an icon shape (Rectangular or Square).
      2. Select an image to upload.
    7. Click Save.
      IntegrationOneLoginfiles02oneloginaddconnector.png
    8. Enter the following application details in the Configuration tab:
      1. In the Audience field, enter Urn:onelogin:sysaid.
      2. In the Recipient field, enter your SysAid account URL with the extension /addons/oneLogin/jsp/consume.jsp appended to it.
      3. In the ACS (Consumer) URL Validator field, enter ^https://youraccountname.sysaidit.com/addons/oneLogin/jsp/consume.jsp$.
      4. In the ACS (Consumer) URL field, enter: ^https://youraccountname.sysaidit.com$.
        IntegrationOneLoginfiles03oneloginconfiguration.png
    9. In the Parameters tab, click IntegrationOneLoginfilesplus.pngto add a new parameter:
      • Name: User.FirstName
      • Value: First Name
      • Flags: check “Include in SAML assertion”
        IntegrationOneLoginfiles04oneloginaddparameter.png
    10. Click Save.
    11. Repeat the previous two steps to add the following two additional parameters:
      • Name: User.FirstName
      • Value: First Name
      • Flags: check “Include in SAML assertion”
      • Name: User.email
      • Value: Email
      • Flags: check “Include in SAML assertion”

    IntegrationOneLoginfiles05oneloginallparameters.png

    Note

    Leave the OneLogin SysAid app open. You will need to access it for the next part of the integration setup.

    Configure the integration in SysAid

    1. On the main My apps page, in the OneLogin icon, click IntegrationsfilesGreenCog13.jpg.
    2. In the OneLogin base URL field, enter your OneLogin account URL.
    3. In the OneLogin Callback URL field, replace the first part of the provided URL (https://MyAccount.sysaidit.com) with your SysAid account URL.
    4. Enter the OneLogin SysAid App ID:
      1. In your OneLogin account open the SSO tab.
      2. Copy the number at the end of the Issuer URL.
        IntegrationOneLoginfiles06oneloginsso.png
      3. Back in SysAid, paste the number into the OneLogin SysAid App ID field.
    5. Enter the OneLogin Certificate:
      1. In your OneLogin account open the SSO tab.
      2. Under the X.509 field, click View Details.
        IntegrationOneLoginfiles07oneloginssoviewdetails.png
      3. Copy the contents of the X.509 Certificate between the Begin Certificate and End Certificate tags.
        IntegrationOneLoginfiles08oneloginssocertificate.png
      4. Back in SysAid, paste the copied content into the OneLogin Certificate field.
    6. Enter the OneLogin Client ID and Client Secret:
      1. In your OneLogin account navigate to Settings > API.
      2. Click New Credential.
        IntegrationOneLoginfiles09oneloginnewcredential.png
      3. Enter "SysAid".
      4. SelectManage users.
      5. Click Save.
        IntegrationOneLoginfiles10onelogincreatecredential.png
      6. Copy the contents of the Client secret and Client ID fields and paste them into the corresponding fields in SysAid.
      7. Click Done.
        IntegrationOneLoginfiles11onelogincopycredential.png
    7. Enter the server location parameter:
      1. Check your OneLogin URL to determine if your server location parameter is set to Europe (eu) or United States (us).
      2. In SysAid, enter the parameter in the API Server Location field.
        IntegrationOneLoginfilesURLParameter.PNG
    8. (Optional) If you want SysAid to create new users with their OneLogin IDs, Enter Y in the Create New Users field.
    Note

    SysAid checks the OneLogin accounts against user names of admins and end users in SysAid. If the OneLogin account is identical to an existing user name or email address, SysAid does not create a new user for that account.

    1. (Optional) If you selected to allow SysAid to create new users with their OneLogin IDs, you can replace the OneLogin domain name with any name you want in the Domain Mapping field. For example, "Onelogin.com= sysaid.com, gmail.com=sysaid.com". If you want user names to contain the user's original domain, leave this field blank.
    2. Click the slider to activate the OneLogin integration.
    3. Click Save Changes.
      IntegrationOneLoginfilesOneLoginConfiguration.PNG