Custom connectors can be used to provide single sign-on to in-house applications that are specific to your organization. Anyone with a basic understanding of HTML and regular expressions should be able to configure a connector in a few minutes.

Note that a connector only defines how OneLogin logs a user into an application. In order to use it, you must create an app based on the connector. It might help understanding connectors by viewing them as templates.

Several of a connector's fields are regular expressions, which can be a little tricky to understand for beginners. Rubular is an excellent interactive regexp tester that we use. There are few things to keep in mind when entering regular expressions in OneLogin.

• Browser implementations vary and some require that the regular expression matches the entire string. Therefore the safest is to start regular expressions with ^ and end them with $.
• Remember to escape dots and question marks like this: www\.niceapp\.com\?account_id={accountid}
• Use . instead of \S. Some of the browsers seem to handle . better as a wildcard.

URLs

• Login URL - this is the URL that the user is directed to when clicking on an app on the dashboard.
• Trigger URL - this is the URL that the browser add-on looks for before it fills in the user's credentials. Trigger URLs should always start with ^ and end with $. Make sure it matches the entire string.
• Failed login regexp - if this regular matches a string on the trigger URL page, OneLogin will assume the login failed and present the user with a form where the logins values can be edited.

Login method

The login method depends on the mark-up of the login form. Most forms contain plain HTML that OneLogin can easily navigate and simply post the user credentials to, which is what the form method does. Other login pages are complex and include lots of Javascript, which can make it impossible for the add-on to fill in the credentials. In these situations, you can use the script method to hand-write a script that does the trick.

Form identified by

This field is used by the form login method to identify the relevant form on the page, which can be done by looking at the form's attributes, for example, id, name or action. This is a regular expression as form actions can often have parameters provided by the server.

Form submitted by

Once the user credentials have been filled in, the login for most be posted to the server, which is usually done by a button. This button can be identified by it's name, id, value, type or alt attribute. Some login forms have graphical buttons or call a Javascript function that need to process the values before posting them to the server. In these cases, you can provide a Javascript snippet that emulates clicking the button.

Parameters

A connector can have one or more parameters, which describe the values required in order to log a user into an application. For example, most applications require username and password, which are provided on a per-user basis. Some applications may also require a subdomain or an account number that identifies the account the user is being logged into. 

Each parameter has a number of fields:

• Type - string values are stored in clear text in OneLogin whereas passwords are encrypted.
• Name in form - the name of the HTML form element, e.g. username or password. You can use this name to substitute strings in login URL, trigger URL and action by enclosing it with { }. For example, you might have a parameter called subdomain and a login URL with the value http://{subdomain}.niceapp.com/login.
• User interface - the name of the input field used when configuring the application for a user.
• Test value - a value you can use to test the connector without having to first create an application.
• Position - defines the oder in which parameters are listed in the user interface.
• Required - whether or not is mandatory to provide a value for this parameter.
• Description - a description shows below the parameter when configuring an app or a login.

Below is shown Twitter's login form as an example.

If you have questions, please don't hesitate to submit a ticket.