To configure OneLogin to sign in users into Kintone using SAML, follow those steps.
In OneLogin, do the following:
- In OneLogin, navigate to Apps > Find apps and search for Kintone. Click Add.
- Type your Kintone subdomain into the Subdomain field within the Configuration tab.
- Under the Single Sign-on tab copy the HTTP Endpoint under SAML Endpoints to the clipboard for use in Kintone later. Set the credentials to Configured by admin and select a default Username value of email or something equivalent to email to use as Kintone's credential.
- Under the Access Control tab choose which roles will have access to Kintone.
In Kintone, do the following:
- Navigate to Users & System Administration by selecting it from the Administrator dropdown.
- Select Login in the left menu.
- Check the Enable SAML authentication checkbox.
- In the field Login URL, paste the SAML HTTP Endpoint you previously copied into your clipboard.
- In the field Logout URL, paste https://app.onelogin.com.
- In OneLogin, click Security then SAML and download the x.509 certificate in .pem format. Upload it by selecting the Browse button.
- Click Save to save the setting.
To test do the following:
- Login to OneLogin.
- Make sure you are logged out of Kintone.
- Click the Kintone icon on your dashboard. This should log you into Kintone.
If you're not using the same Username in Kintone as in OneLogin, do the following:
- Click Apps, then Company Apps.
- Edit the Kintone application.
- Navigate to the Logins tab.
- Locate your user and click Edit.
- Enter a new value in the Username field and click Update.
- Navigate to the portal and re-test by clicking the Kintone icon.
- You're done!