Single-Sign-On (SSO) based on SAML 2.0
First, go to the Proxyclick Marketplace and install OneLogin.
Step 1: enter your company ID
- Paste the company ID into OneLogin > Configuration tab
- Save changes
Step 2: Copy the SSO information
Go to OneLogin > tab “SSO” and copy the following 3 values: certificate, Issuer URL, and SAML 2.0 Endpoint (HTTP).
Note: for the certificate, please click on “view details” to copy the full X.509 certificate (see 2 screenshots below)
Go back to OneLogin configuration page in Proxyclick and paste these 3 values in the Issuer URL, SAML 2.0 Endpoint (HTTP) and Certificate (X.509 Certificate) (including BEGIN and END header and footer) fields.
Click on Save.
Your OneLogin connection is ready. You can now use the URL https://saml.proxyclick.com/init/CO-XXXX (where CO-XXXX is your Company ID) to log into Proxyclick using OneLogin SSO or log into OneLogin as a user and chose the Proxyclick app. But you will still need to add users in Proxyclick before you try to login with SSO (you can do it manually, in bulk or via User Provisioning. See next steps to configure User Provisioning with OneLogin).
If you didn’t do it already, go to the Proxyclick Marketplace and install OneLogin.
Step 1. Copy info from your Proxyclick account to OneLogin
- Go to OneLogin configuration page in Proxyclick and copy the SCIM Base URL, the SCIM JSON Template, the Custom Headers and the SCIM Bearer Token.
- Paste them in OneLogin > Configuration > API Connection
- Click the Enable button, the API status will change to Enabled.
Step 2. Configure User Provisioning
Go to OneLogin > Provisioning tab and perform the following actions:
- Check the Enable provisioning for Proxyclick option
- Define admin approval in function of your needs
- Select action “Delete” when users are deleted in OneLogin (this is important)
Then save the changes.
Setting up OneLogin in many locations
You can configure OnLogin and manage users across multiple locations from a single Proxyclick account.
- Connect OneLogin in your main location (follow the steps above)
- Click on Multi-location mapping on the OneLogin integration in your Integration List
Important to note: If you do not see the Multi-location mapping button, then it means you are running on an older version of our OneLogin integration. All you have to do is disconnect the integration and then reconnect it before continuing with the remaining steps.
You will then see the list of all the locations for which you’re an Admin. From this list, you can enable/disable User Provisioning for each location independently using the toggle button.
Once enabled, you will be able to either import all users for provisioning in that location or define your own filters for specific users.
You can filter users based on their city and language using the appropriate conditions for each.
If you are provisioning the same users in multiple locations, you can use the Advanced menu to force their “home location”. Proxyclick would then use this as the default location for new visits created (e.g., when using the Generic Calendar Integration).
OneLogin User Provisioning and Single Sign On require the corresponding add ons to your subscription plan. Please contact us at firstname.lastname@example.org if you have any questions.