The OneLogin platform is an identity management system that uses single sign-on (SSO) and a cloud directory to enable organizations to manage user access to on-premises and cloud applications. It offers such identity management solutions as Smart Factor Authentication, Single sign-on (SSO) features, and Identity Access Management (IAM) for your workforce.
In this article we will outline setting up Onelogin as a SAML Identity Provider so that we can utilize Telnyx's Single Sign-On feature.
Instructions for setting up OneLogin with Telnyx
In this activity you will:
Ensure that your Telnyx Mission Command Portal is configured properly
RECOMMENDED: Enable TLS to encrypt your traffic
Create an Organization in the Organization section of the Telnyx Mission Control Portal and make sure you record the Assertion Consumer Service URL
Setting up your Telnyx SIP portal account so you can make and receive calls:
Note: Video walkthrough for OneLogin/Telnyx configuration coming soon. Check back as we update our docs.
1. Create an SSO app on OneLogin
In this section, you will create an SSO app on OneLogin that you'll use to configure SSO authentication through Telnyx.
Log into your OneLogin admin panel.
From the top naviation, click the Applications drop-down and select Applications.
Click on the blue Add App button in the top right corner.
On the Find Applications page, search for SAML test and select the SAML Test Connector (Advanced) option.
On the following page, enter your desired Display Name.
Click the blue Save button in the top right corner.
After you have saved your changes, click the SSO tab from the left-hand side menu.
From the SSO page, copy the Issuer URL link. This link should resemble the following example: https://app.onelogin.com/saml/metadata/<onelogin-idp-id>
2. Obtain Organization configuration details from Telnyx
In this section, you'll log into your Telnyx portal and get the necessary configuration details to finish setting up your OneLogin SSO app.
Log into your Telnyx Mission Control Portal.
Once created, navigate to the Single Sign-On section of the portal and click the green Enable Single Sign-On button.
You will be presented with the following fields:
Authentication Provider name and Short Name: Enter the values that make sense for you here.
Please note that the Short Name will be part of the SSO URLs.
IdP Metadata URL: Paste the Identity Provider Entity ID you obtained in step 9 of section 1.
Click Import IdP Settings & Save.
Once settings have been saved, you'll be shown all of the authentication provider settings which will be filled in automatically.
Scroll down to the Authentication Provider Generated Config section and take note of the values for the following, as you'll need them soon:
3. Add your Telnyx Organization details to your OneLogin SSO app
In this final section, you'll return to OneLogin and provide the information you obtained from Telnyx in step 7 of section 2.
Return to your OneLogin admin portal.
Click on the Configuration link in the left-hand menu and fill in the relevant information we just took note of above in the following fields:
Audience (Entity ID): Paste the value you obtained from Service Provider Entity ID on the Telnyx Mission Control Portal (step 7, section 2)
Recipient: Paste the value you obtained from Assertion Consumer Service URL on the Telnyx Mission Control Portal (step 7, section 2)
ACS (Consumer) URL*: Paste the value you obtained from Assertion Consumer Service URL on the Telnyx Mission Control Portal (step 7, section 2)
ACS (Consumer) URL Validator*: fill in the ACS URL escaped in a regular expression format: https:\/\/api\.telnyx\.com\/sso\/saml\/auth\/telnyxtest
SAML nameID format: Select Email.
Once all of your configuration settings have been entered successfully, click the blue Save button in the top right-hand corner of the page.
Once you are ready to enable the configs, return to your Telnyx Mission Control Portal and select Enable Single Sign-On.
Click Save Changes.
Your chosen settings are now in effect! This will send all users in your organization an email informing them that SSO is now enabled. Your users will still be able to login using username/password for the next 72 hours. After that, they will be required to use SSO.
Q. I'm experiencing difficulty with this configuration!
A. If you experience technical difficulties while attempting to set up your OneLogin SSO with Telnyx, its possible your provider is experiencing outages/maintenance. You can check the status of OneLogin's features at https://www.onelogin.com/status.
Review our getting started with guide to make sure your Telnyx Mission Control Portal account is setup correctly!
Additionally, check out: