You are viewing the Kantega SSO legacy documentation. The new documentation site is: https://kantega-sso.atlassian.net/wiki/x/hwAb

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Update screenshots and reorder steps.

...

1: Click “Add new identity provider" and select “OneLogin

2: Specify whether authenticated users pre-exist or need to be created at login.

Here, you can also assign default group memberships to users at login. (Groups can also be assigned to individual users according to Group Claims in the SAML response during login. This is configured in the "Group membership" setting available after completing the setup wizard, see step 12).


Image Added

3: Open your OneLogin Admin Console

Click the "Apps" tab, then "Add apps"

...

4: Find and select the "

...

Kantega SSO" template

In the search console, find and select "SAML Test Connector (Advanced)Kantega SSO"

Image RemovedImage Added

...

5: Give the app a name, click Save

Optionally, you can also give the app a description and portal icons.

Image RemovedImage Added

...

6: Configure URLs

  • Go into the "Configuration" tab
  • Copy the response URL value from the setup wizard into the following fields:
    • Audience
    • Recepient
    • ACS (Consumer) URL
  • Copy the URL validator value from the setup wizard into the following fields:
    • ACS (Consumer) URL Validator

Image Removed

6: Add custom parameters

  • Go to the "Parameters" tab
  • Add custom parameters to be included in the SAML assertion (one for each of email, givenName and surname)

Image Removed

Create three attribute, one attribute for givenName, surname and email.

To create an attribute, click "Add parameter". Fill in Field name and click Save 

Image Removed

Each attribute should be included in the SAML assertion.

Image Removed

When the three attributes as constructed you should see a parameter tables as below:

Image Removed

Click Save.


Image Added

7: Assure the correct roles and users have access to the new application

...

Under More Actions, right click on the SAML Metadata link and copy the URL to your clipboard for later:

Image RemovedImage Added

9. Upload Metadata XML file.

...

Press "Next" to proceed to the next wizard step.

12.

...

Here, you can also assign default group memberships to users at login. (Groups can also be assigned to individual users according to Group Claims in the SAML response during login. This is configured in the "Group membership" setting available after completing the setup wizard, see step 12).

Image Removed

Review and test the identity provider

Press "Next" to summarize the setting and "Finish" to complete the wizard.

...

After finishing the wizard, you will be sent to the test pages for verification of your setup. Here, you may also perform the last configuration parts. Follow this generic introduction to the test pages and final configuration. AD FS is used as the example here.

...