This topic describes how to configure OneLogin to provide SSO for Spotinst using SAML.
-
Log into OneLogin as an admin and go to Apps > Add Apps.
-
Search for and select the Spotinst connector.
The initial Configuration tab appears.
-
Click Save to add the app to your Company Apps and display additional configuration tabs.
The Info tab appears.
-
Go to the Configuration tab and enter your Spotinst Organization ID in the Relay State field.
-
Go to the Parameters tab and ensure the Spotinst attributes are mapped to OneLogin attributes.
Ensure that Credentials are Configured by admin.
-
Click Save.
-
Go to More Actions > Download SAML Metadata to configure your Spotinst account with OneLogin's SAML settings. Note the location of your saved xml file.
-
In a new browser tab, log into your organization's Spotinst account as admin.
-
Click Settings and then click Identity Providers.
-
Browse and import the xml Metadata file you downloaded earlier.
Note: SSO will turn to "enabled" after uploading the OneLogin metadata.
-
-
On the OneLogin Access tab, assign the OneLogin roles that should have access to Spotinst and provide any app security policy that you want to apply to Spotinst.
You can also go to Users > All Users to add the app to individual user accounts.
-
Click Save.
-
Test the SAML connection.
-
Ensure that you have user accounts in both OneLogin and Spotinst that use the same value as the username.
You can create a test user, or you can use your own account if you choose.
-
Make sure you are logged out of Spotinst.
-
Log in to OneLogin as the test user.
-
Click the Spotinst icon on your OneLogin dashboard.
If you are able to access Spotinst without error, then SAML works.
-