OneLogin: SAML Identity Setup

This article will outline how to use OneLogin with Telnyx to facilitate Singe Sign-On capabilities.

C
Written by Customer Success
Updated over a week ago

The OneLogin platform is an identity management system that uses single sign-on (SSO) and a cloud directory to enable organizations to manage user access to on-premises and cloud applications. It offers such identity management solutions as Smart Factor Authentication, Single sign-on (SSO) features, and Identity Access Management (IAM) for your workforce.

In this article we will outline setting up Onelogin as a SAML Identity Provider so that we can utilize Telnyx's Single Sign-On feature.

Additional resources:


Instructions for setting up OneLogin with Telnyx

In this activity you will:

Pre-requisites:

Video Walkthrough

Setting up your Telnyx SIP portal account so you can make and receive calls:

Note: Video walkthrough for OneLogin/Telnyx configuration coming soon. Check back as we update our docs.

1. Create an SSO app on OneLogin

In this section, you will create an SSO app on OneLogin that you'll use to configure SSO authentication through Telnyx.

  1. Log into your OneLogin admin panel.

  2. From the top naviation, click the Applications drop-down and select Applications.

  3. Click on the blue Add App button in the top right corner.

    OneLogin Applications interface.

  4. On the Find Applications page, search for SAML test and select the SAML Test Connector (Advanced) option.

    Application selector on OneLogin.

  5. On the following page, enter your desired Display Name.

    SAML Test Connector administration portal.

  6. Click the blue Save button in the top right corner.

  7. After you have saved your changes, click the SSO tab from the left-hand side menu.

    The SSO tab.

  8. From the SSO page, copy the Issuer URL link. This link should resemble the following example: https://app.onelogin.com/saml/metadata/<onelogin-idp-id>

    A screenshot of the SSO tab with a highlighted issuer link.


2. Obtain Organization configuration details from Telnyx

In this section, you'll log into your Telnyx portal and get the necessary configuration details to finish setting up your OneLogin SSO app.

  1. Log into your Telnyx Mission Control Portal.

  2. If you did not complete this step as part of your pre-requisite activities, navigate to your Organization section of the Telnyx Mission Control Portal to create an Organization.

  3. Once created, navigate to the Single Sign-On section of the portal and click the green Enable Single Sign-On button.

    Singe Sign-On section of the Telnyx Mission Control Portal

  4. You will be presented with the following fields:

    1. Authentication Provider name and Short Name: Enter the values that make sense for you here.

      Please note that the Short Name will be part of the SSO URLs.

    2. IdP Metadata URL: Paste the Identity Provider Entity ID you obtained in step 9 of section 1.

      Single Sign-On details including Authentication provider name and short name details

  5. Click Import IdP Settings & Save.

  6. Once settings have been saved, you'll be shown all of the authentication provider settings which will be filled in automatically.

    IdP settings and save page.

  7. Scroll down to the Authentication Provider Generated Config section and take note of the values for the following, as you'll need them soon:

    1. Assertion Consumer Service URL

    2. Service Provider Entity ID

      Authentication provider page.


3. Add your Telnyx Organization details to your OneLogin SSO app

In this final section, you'll return to OneLogin and provide the information you obtained from Telnyx in step 7 of section 2.

  1. Return to your OneLogin admin portal.

  2. Click on the Configuration link in the left-hand menu and fill in the relevant information we just took note of above in the following fields:

    1. Audience (Entity ID): Paste the value you obtained from Service Provider Entity ID on the Telnyx Mission Control Portal (step 7, section 2)

    2. Recipient: Paste the value you obtained from Assertion Consumer Service URL on the Telnyx Mission Control Portal (step 7, section 2)

    3. ACS (Consumer) URL*: Paste the value you obtained from Assertion Consumer Service URL on the Telnyx Mission Control Portal (step 7, section 2)

    4. ACS (Consumer) URL Validator*: fill in the ACS URL escaped in a regular expression format: https:\/\/api\.telnyx\.com\/sso\/saml\/auth\/telnyxtest

    5. SAML nameID format: Select Email.

      SAML Test Connector (Advanced).
      OneLogin configuration page.
      SAML Test connector section.


  3. Once all of your configuration settings have been entered successfully, click the blue Save button in the top right-hand corner of the page.

  4. Once you are ready to enable the configs, return to your Telnyx Mission Control Portal and select Enable Single Sign-On.

    Single sign-on button.

  5. Click Save Changes.

Your chosen settings are now in effect! This will send all users in your organization an email informing them that SSO is now enabled. Your users will still be able to login using username/password for the next 72 hours. After that, they will be required to use SSO.


Troubleshooting

Q. I'm experiencing difficulty with this configuration!

A. If you experience technical difficulties while attempting to set up your OneLogin SSO with Telnyx, its possible your provider is experiencing outages/maintenance. You can check the status of OneLogin's features at https://www.onelogin.com/status.


Additional Resources

Review our getting started with guide to make sure your Telnyx Mission Control Portal account is setup correctly!

Additionally, check out:


Did this answer your question?