To configure OneLogin to sign in users into Ariba using SAML, follow those steps. You'll need to contact Ariba to turn on Single Sign-On for your account. Provide them with the Issuer URL and the x.509 Certificate in .pem format.
In OneLogin, do the following:
- In OneLogin, navigate to Apps > Find apps and search for Ariba. Click Add.
- In the Add Ariba screen select for the app to be used by the Organization and select SAML 2.0 for the Connector Version. Press Continue.
- Type your Ariba realm into the Realm field within the Configuration tab.
- Under the Single Sign-on tab copy the Issuer URL to provide Ariba. Set the credentials to Configured by admin and select a default Username value of email or something equivalent to email to use as Ariba' credential.
- Under the Access Control tab choose which roles will have access to Ariba.
To test do the following:
- Login to OneLogin.
- Make sure you are logged out of Ariba.
- Click the Ariba icon on your dashboard. This should log you into Ariba.
If you're not using the same Username in Ariba as in OneLogin, do the following:
- Click Apps, then Company Apps.
- Edit the Ariba application.
- Navigate to the Logins tab.
- Locate your user and click Edit.
- Type in a new username in the Username field and click Update.
- Navigate to the portal and re-test by clicking the Ariba icon.
- You're done!