To configure OneLogin to sign in users into AsureSpace Workspace Manager using SAML, follow those steps.
In OneLogin, do the following:
- In OneLogin, navigate to Apps > Find apps and search for AsureSpace: Workspace Manager. Click Add.
- In the Add AsureSpace: Workspace Manager screen select for the app to be used by the Organization and select SAML 2.0 for the Connector Version. Press Continue.
- Within the Configuration tab enter the name of your Workspace Manager tenant (company id):
- Under the Single Sign-on tab copy the HTTP Endpoint under SAML Endpoints to the clipboard for use in Workspace Manager later. Set the credentials to Configured by admin and select a default Email value of email or something equivalent to email to use as Workspace Manager's credential.
- Under the Access Control tab choose which roles will have access to Workspace Manager.
In Workspace Manager (WSM4), do the following:
Note: Before configuring WSM4 ensure you have at least one user within WSM4 and one user registered with the SSO provider with matching email addresses otherwise you won’t be able to access WSM4 once SSO is activated.
Note: The addition and updating of users in either system will need to be managed separately. The SAML SSO extension only authenticates existing users based on their email address.
- Log in to WSM4 with Administrator access.
- Under the Admin menu, select Database Settings.
- Select the SAML SSO tab.
X.509 Certificate – The x509 certificate fingerprint. This is provided from the identity provider when setting up the relationship. For OneLogin, this can be found on their site under Security > SAML. Copy the provided X.509 certificate here.
Identity Provider SSO Target Url - The URL or Index to which the authentication request should be sent. This would be on the identity provider. For OneLogin, this can be found within the portal AsureSpace: Workspace Manager > Single Sign-on > SAML Endpoints. Copy the url here.
To test do the following:
- Login to OneLogin.
- Make sure you are logged out of Workspace Manager.
- Click the Workspace Manager icon on your dashboard. This should log you into Workspace Manager.
If you're not using the same Email in WSM4 as in OneLogin, do the following:
- Click Apps, then Company Apps.
- Edit the WSM4 application.
- Navigate to the Logins tab.
- Locate your user and click Edit.
- To use a different email with WSM4, type it in the Email field and click Update.
- Navigate to the portal and re-test by clicking the WSM4 icon.