To configure OneLogin to sign in users into LiquidFiles using SAML, follow those steps.
In OneLogin, do the following:
- In OneLogin, navigate to Apps > Find apps and search for LiquidFiles. Click Add.
- In the Add LiquidFiles screen select for the app to be used by the Organization and select SAML 2.0 for the Connector Version. Press Continue.
- Type your LiquidFiles Base URL into the Base URL field within the Configuration tab.
- Under the Single Sign-on tab copy the HTTP Endpoint under SAML Endpoints to the clipboard for use in LiquidFIles later. Set the credentials to Configured by admin and select a default Email value of email or something equivalent to email to use as the LiquidFiles credential.
- Under the Access Control tab choose which roles will have access to LiquidFiles.
In LiquidFiles, do the following:
- In the top right corner, click Admin, then Single Sign-On in the right panel.
- Select SAML 2 from the dropdown.
- In the field IdP Login URL, paste the SAML HTTP Endpoint you previously copied to your clipboard.
- Complete the fields IdP Logout URL as shown above (i.e. https://app.onelogin.com/client/apps).
- In OneLogin, click Security the SAML and copy the SHA-1 fingerprint. Paste that into the field SSO Certificate Fingerprint in LiquidFIles.
- If you would like to use Just In Time Provisioning check the Created Users box.
- Click Save to save the setting.
To test do the following:
- Login to OneLogin.
- Make sure you are logged out of LiquidFiles.
- Click the LiquidFIles icon on your dashboard. This should log you into LiquidFiles.
If you're not using the same Email in LiquidFiles as in OneLogin, do the following:
- Click Apps, then Company Apps.
- Edit the LiquidFiles application.
- Navigate to the Logins tab.
- Locate your user and click Edit.
- To use a different email with LiquidFiles, type it in the Email field and click Update.
- Navigate to the portal and re-test by clicking the LiquidFIles icon.
Just In Time Provisioning
LiquidFIles also support Just in Time Provisioning, which will allow you to create users on the fly. Whenever a user is given access to LiquidFiles in the portal of OneLogin via Access Control that user can be created if he or she doesn't already have a LiquidFiles Account. The fields under configuration (First Name and Last Name) will be used in the creation of the user.