All Collections
Integrations
👨🏾‍💻 User Provisioning and Single Sign On
How to implement SSO and User Provisioning through OneLogin
How to implement SSO and User Provisioning through OneLogin

This article explains the steps needed to implement SSO and/or User Provisioning through OneLogin

Pearl McGuire avatar
Written by Pearl McGuire
Updated over a week ago

Single-Sign-On (SSO) based on SAML 2.0

First, go to the Proxyclick Marketplace and install OneLogin.

Step 1: enter your company ID

  • Go to OneLogin configuration page in Proxyclick and copy your company ID.

Paste the company ID into OneLogin > Configuration and Save changes

Step 2: Copy the SSO information

Go to OneLogin > SSO and copy the following 3 values: certificate, Issuer URL, and SAML 2.0 Endpoint (HTTP).

Note: for the certificate, please click on “view details” to copy the full X.509 certificate (see 2 screenshots below)

Go back to OneLogin configuration page in Proxyclick and paste these 3 values in the Issuer URL, SAML 2.0 Endpoint (HTTP) and Certificate (X.509 Certificate) (including BEGIN and END header and footer) fields.

Click on Save.

Your OneLogin connection is ready. You can now use the URL https://saml.proxyclick.com/init/CO-XXXX (where CO-XXXX is your Company ID) to log into Proxyclick using OneLogin SSO or log into OneLogin as a user and chose the Proxyclick app. But you will still need to add users in Proxyclick before you try to login with SSO (you can do it manually, in bulk or via User Provisioning. See next steps to configure User Provisioning with OneLogin).

User provisioning

If you didn’t do it already, go to the Proxyclick Marketplace and install OneLogin.

Step 1. Copy info from your Proxyclick account to OneLogin

  • Go to OneLogin configuration page in Proxyclick and copy the SCIM Base URL, the SCIM JSON Template, the Custom Headers and the SCIM Bearer Token.

  • Paste them in OneLogin > Configuration > API Connection

  • Click the Enable button, the API status will change to Enabled.

Step 2. Configure User Provisioning

Go to OneLogin > Provisioning and perform the following actions:

  • Check the Enable provisioning for Proxyclick option

  • Define admin approval in function of your needs

  • Select action “Delete” when users are deleted in OneLogin (this is important)

Then save the changes.

Setting up OneLogin in many locations

User Provisioning

You can configure OneLogin and manage users across multiple locations from a single Proxyclick account.

  1. Connect OneLogin in your main location (follow the steps above)

  2. Click on Multi-location mapping on the OneLogin integration in your Integration List

Important to note: If you do not see the Multi-location mapping button, then it means you are running on an older version of our OneLogin integration. All you have to do is disconnect the integration and then reconnect it before continuing with the remaining steps.

You will then see the list of all the locations for which you’re an Admin. From this list, you can enable/disable User Provisioning for each location independently using the toggle button.

Once enabled, you will be able to either import all users for provisioning in that location or define your own filters for specific users.

You can filter users based on their city and language using the appropriate conditions for each.

Advanced

If you are provisioning the same users in multiple locations, you can use the Advanced menu to force their “home location”. Proxyclick would then use this as the default location for new visits created (e.g., when using the Generic Calendar Integration or the Outlook integration).

OneLogin User Provisioning and Single Sign On require the corresponding add ons to your subscription plan.

If you have any questions or feedback, please contact support@proxyclick.com or send us a message on the live chat.


Did this answer your question?