Enabling Single Sign-On Using OneLogin

Stitch Admin privileges required

Setting up or modifying an existing OneLogin connection requires Admin privileges in Stitch. Refer to the Team member roles and permissions documentation for more info about privileges in Stitch.

Connect your OneLogin account to Stitch and enable Single Sign-On (SSO).

In this guide, we’ll cover:

Creating and configuring a OneLogin app
Connecting your OneLogin app to Stitch
Activating SSO for your Stitch account

Prerequisites

Admin privileges in Stitch. Refer to the Team member roles and permissions documentation for more info about privileges in Stitch.
Privileges in OneLogin that allow you to add and configure applications. If you don’t have this privilege, contact a OneLogin admin before continuing.

Refer to OneLogin’s documentation for more info.

Step 1: Create and configure a OneLogin app

Step 1.1: Retrieve your SSO info from Stitch
Step 1.2: Create the app in OneLogin
Step 1.3: Define the app’s configuration settings
Step 1.4: Define the app’s parameters
Step 1.5: Save the app configuration
Step 1.6: Download the app’s SAML metadata file
Step 1.7: Grant users access to the app

Step 1.1: Retrieve your SSO info from Stitch

Sign into your Stitch account.
Click User menu (your icon) > Edit User Settings.
Scroll down to the Single Sign-on section and click Enable SSO.
Select OneLogin from the SSO Provider menu.
Click Continue.
The Configure Your OneLogin SSO page will display.

Leave this page open - you’ll need it to complete the setup.

Step 1.2: Create the app in OneLogin

Sign into your OneLogin account.
Click Applications in the top navigation.
On the Applications page, click Add App.
In the search box, enter saml test.
In the results, click SAML Test Connector (Advanced):
On the app configuration page, enter a Display Name for the app. This is the name that will also display on the app’s tile for users in your OneLogin instance.
Click Save.

Step 1.3: Define the app's configuration settings

After the app successfully saves, click Configuration on the left side of the page.
In the Application details section, fill in the following fields:
- Audience: Paste the value from the Audience field in Stitch.
- Recipient: Paste the value from the Recipient field in Stitch.
- ACS (Consumer) URL: Paste the value from the ACS (Consumer) URL field in Stitch.
- ACS (Consumer) URL Validator: Paste the value from the ACS (Consumer) URL Validator field in Stitch.
This is how the page should look when you’re finished:

Step 1.4: Define the app's parameters

Next, you’ll add the following parameters to the app:

#	SAML Attribute Name	Value
1	given_name	First Name
2	family_name	Last Name
3	email	Email

Click Parameters on the left side of the page.
Click the plus button to add a parameter.
In the New Field window that displays:
1. In the Field name field, enter the SAML Attribute Name of the parameter. For example: given_name
2. In the Flags section, check the Include in SAML assertion box.
3. Click Save.
In the Edit Field window that displays, select the corresponding Value from the dropdown. For example: First Name is the value for the SAML Attribute given_name.
Click Save.
Repeat steps 2-5 for the remaining parameters.

This is how the page should look when all the parameters have been added:

Stitch parameters fully configured for the OneLogin app

Step 1.5: Save the app configuration

After you’ve finished defining the app’s configuration settings and parameters, click the Save button in the upper right section of the page.

Step 1.6: Download the app's SAML metadata file

Next, you’ll download your app’s SAML metadata file. This is required to connect your OneLogin app with Stitch and enable SSO.

Click the More Actions menu in the upper right section of the page.
Click SAML Metadata.
Download the file somewhere convenient.

Step 1.7: Grant users access to the app

The last step to configuring the app is to grant access to users in your OneLogin instance. This ensures that they’ll be able to access Stitch via SSO.

Using the process your organization follows, grant Stitch OneLogin app access to your colleagues.

Step 2: Connect to Stitch

Navigate back to the page where your Stitch account is open.

In Stitch, scroll down to the Connect to Stitch section of the OneLogin setup page.
Click Upload SAML Metadata.
Locate and select the SAML metadata file you downloaded in Step 1.6.

Step 3: Activate SSO

When finished, click the Activate SSO button.

Next steps

After you’ve enabled SSO for your Stitch account, remember to grant Stitch access to users in your OneLogin instance, if you haven’t already.

Questions? Feedback?

Did this article help? If you have questions or feedback, feel free to submit a pull request with your suggestions, open an issue on GitHub, or reach out to us.

Related	Troubleshooting
Managing Team Members Billing FAQ Understanding & Reducing Your Usage	Account Login, Password Reset, & Lockout Issues Adding Team Members to Multiple Accounts Payment Processing Errors