This topic describes how to import users from Namely to OneLogin using the Namely directory connector, essentially treating Namely as your user directory of record.
Note. Namely currently populates a user's work email address field with their personal email address after they are terminated. This can cause the same user to be imported into OneLogin twice. We are working with Namely to change this behavior.
To set up OneLogin's Namely directory connector:
Log into Namely as an administrator and get a permanent access token for the Namely API.
To learn more about how to generate a permanent access token, see Namely's API authentication documentation.
Security Note. The Namely administrator account that you use to generate the permanent access token should have permission to view only the users (and user attributes) that you want to import to OneLogin.
- Log into OneLogin as an administrator and go to Users > Directories.
Click New Directory and select Namely.
Give the directory a name, and then select which directory you want to Authenticate users in.
You can choose to have OneLogin manage user authentication (in which case you manage and store encrypted passwords in OneLogin), or you can choose any third-party directory (like Active Directory, for example) that you have already integrated with OneLogin to store passwords and manage authentication. If you choose another integrated directory, you must also configure OneLogin to export new users to that directory. See the OneLogin documentation for your directory integration for more information.
Click Save to enable additional configuration fields and tabs.
- To use this directory connector to import users from Namely to OneLogin, select Enabled under Importing Users (enabled by default).
Enter the API settings required to connect to Namely.
The Subdomain is the yourcompany part of
The API token is the permanent access token that you generated for Namely API access in step 1.
Click Save to connect to the API.
Wait a few seconds for the authentication to finish. After a successful authentication, you'll see a green banner accross the top of the page that declares success. If authentication fails, a red banner will let you know.
On the Directory Attributes tab, map the Namely fields that you want to import to OneLogin.
Select the Namely field from the dropdown in the Directory Field column for each required field. The connector automatically pulls in all Namely fields available for mapping.
Click the + plus button at the top right to add rows, where you can map additional Namely fields to OneLogin fields. For any new mappings, you must create a OneLogin custom user field to hold the value you want to sync with the Namely field. All custom fields will be available for selection from the dropdown in the OneLogin Field column in rows that you add.
Namely Teams and Groups: OneLogin imports a user's Namely team and group memberships as semicolon-delimited lists. If you create a custom field in OneLogin for Namely teams and a custom field for Namely groups and map the Namely fields to those custom fields on this tab, you can then use Namely team and group membership to create mappings that assign OneLogin attributes, like Roles. You can also use rules to provision app attributes based on Namely team or group membership; for apps that support Group creation, you can even use rules to create a Group in an app (like Google G Suite, for example) based on a user's Namely team or group membership. For more information, see Mappings and Rules.
- Click Save.
Click the More Actions menu and select Synchronize Users (Force) to initiate the user import.
The directory connector also synchronizes users automatically every six hours.
- Go to the Events tab to view when the user import has finished.