To configure OneLogin to sign in users into Central Desktop using SAML, follow those steps.
In OneLogin, do the following:
- In OneLogin, navigate to Apps > Find apps and search for Central Desktop. Click Add.
- In the Add Central Desktop screen select for the app to be used by the Organization and select SAML 2.0 for the Connector Version. Press Continue.
- Type your Central Desktop subdomain into the Subdomain field within the Configuration tab.
- Under the Single Sign-on tab copy the HTTP Endpoint under SAML Endpoints to the clipboard for use in Central Desktop later. Set the credentials to Configured by admin and select a default Email value of email or something equivalent to email to use as the Central Desktop credential.
- Under the Access Control tab choose which roles will have access to Central Desktop.
In Central Desktop, do the following:
- In the top right corner, click Account, then Company Setup.
- Click the Advanced tab, and then the Single Sign On link.
- Complete the fields SSO URL and SSO Logout URL as shown above (i.e. https://app.onelogin.com/client/apps).
- In the field SSO Login URL, paste the SAML HTTP Endpoint you previously copied into your clipboard.
- In OneLogin, click Security the SAML and copy the SHA-1 fingerprint. Paste that into the field SSO Certificate Fingerprint in Central Desktop.
- Enable SAML SSO by checking Enable SAMLv2 Single Sign On.
- Click "Update" to save the setting.
To test do the following:
- Login to OneLogin.
- Make sure you are logged out of Central Desktop.
- Click the Central Desktop icon on your dashboard. This should log you into Central Desktop.
If you're not using the same Email in Central Desktop as in OneLogin, do the following:
- Click Apps, then Company Apps.
- Edit the Central Desktop application.
- Navigate to the Logins tab.
- Locate your user and click Edit.
- Notice that the Email field is blank. This is because it's defaulting to the Email parameter.
- To use a different email with Central Desktop, type it in the Email field and click Update.
- Navigate to the portal and re-test by clicking the "Central Desktop" icon.