Configuring Single Sign-On for WebFilings is a breeze! These steps will guide you through setting up WebFiling's Single Sign-On functionality.
Note: Before continuing you will need to ask your WebFiling's Customer Success Manager to have SAML Single Sign-On enabled for your WebFilings account.
Setting Up OneLogin
1. In OneLogin, navigate to Apps > Find apps.
2. Search for WebFilings and click add.
3. You may edit the Display Name. Select SAML 2.0 for the connector version and click continue.
4. You may configure the app as needed. In the connector's configuration section, you must add the Login URL and Configuration URL which are found within your WebFiling's Admin configuration under Settings > SAML
5. Select Single Sign-On, set the credentials to Configured by Admin, select Email in the Default Values menu, and Update.
6. Before moving on, download the IdP Metadata for this app by visiting the SAML Issuer URL in another web browser tab. This will download the metadata info to your PC in the form of an XML file (this will be used in the following steps).
If you have not already done so, use the Access Control section in the app configuration to access to the correct OneLogin Roles.
1. Visit https://webfilings.appspot.com/admin/settings/saml/ and sign in with your administrator account.
2. Once signed in as an administrator, select Edit Settings (this will open the Edit SAML Settings window).
3. Enable SAML Single Sign-On and in the Metadata Input section select Choose File and and select the IdP MetaData XML file that was downloaded before in step 6. Optionally, you may check Require SAML Authentication, which only allow users to sign-in via OneLogin (Account Administrators and Support Users can bypass this).
OneLogin will send the User's E-Mail, configured in their OneLogin user account, to WebFilings as the User ID for their account. If your WebFilings username is the same as the users Email address then it is a good idea to check the "SAML User ID is WebFilings username" option. Keep in mind that if the Username in WebFilings is set to anything other than the email address then the user's login credentials will need to be overridden in OneLogin to reflect the correct username.
4. After uploading your IdP Metadata XML file, the Manual Settings Input fields (Identity Provider URL, Issuer, and Certificate) will now be configured with your values for your IdP configuration.
You're now ready to try the SAML Single Sign-On from OneLogin! If you have any questions on this please email firstname.lastname@example.org