Learn about the OneLogin Integration.

OneLogin Integration

OneLogin is a popular identity management product that can be integrated with Wavefront to enable single sign-on.

OneLogin SSO Setup (SAML)

After setting up the OneLogin integration, users can authenticate to Wavefront through OneLogin instead of using a password. New users who did not exist in Wavefront are auto-created on the Wavefront side when they authenticate for the first time.

Step 1. Create the Wavefront-IdP Application in OneLogin

  1. Log in to your OneLogin domain (https://<your_domain>.onelogin.com).
  2. Go to Applications and click Add App.
  3. In the search box, type SAML Test Connector and choose SAML Test Connector (Advanced).
  4. Enter the Display Name as Wavefront-IdP and click Save.
  5. Go to Configuration, enter the Application details as following and click Save. Currently, we do not have a Logout URL but it’s safe to fill it with Login URL if it’s a required field.
    • Audience (Entity ID): https://YOUR_CLUSTER.wavefront.com/api/saml/login
    • Recipient: https://YOUR_CLUSTER.wavefront.com/api/saml/login
    • ACS (Consumer) URL Validator: https://YOUR_CLUSTER.wavefront.com/api/saml/login
    • ACS (Consumer) URL: https://YOUR_CLUSTER.wavefront.com/api/saml/login
    • Login URL: https://YOUR_CLUSTER.wavefront.com/api/saml/login
  6. Go to Parameters and click icon plus to add a field.
  7. Enter the Field name, enable the flag Include in SAML assertion and click Save. Set Value to Email and Click Save.
  8. Go to SSO, change the SAML Signature Algorithm to SHA-256, and click Save.

Step 2. Send the Identity Provider Metadata to Wavefront and Complete the Setup

  1. Log in to your Wavefront instance as a user with SAML IdP Admin permissions.
  2. From the gear icon in the top right corner, select Self Service SAML.
  3. From the Identity Provider drop-down menu, select OneLogin.
  4. Paste the downloaded metadata from Step 1 into the Configure Connection text box.
  5. To validate the metadata, click Test. The OneLogin login page opens in a new browser window.
  6. Log in to OneLogin.
  7. After the login is successful, click the Save button.

    Note: The Save button is disabled until you’ve completed a test successfully.