To set up single sign-on for OneLogin
Request SSO access from Logz.io
Only account admins can request single sign-on access for their accounts.
To kick off this process, send an email to firstname.lastname@example.org. Write that you want to set up OneLogin SAML SSO for Logz.io. Include these items in the message:
- Your Logz.io account ID
- Your account token
The Support team will respond with the connection information you’ll need to give in OneLogin.
Add Logz.io to OneLogin
In the OneLogin top menu, browse to Apps > Add Apps.
In the Find Applications page, search for “SAML Test Connector”. Select SAML Test Connector (IdP w/attr) from the apps list.
On the Configuration page, set the Display Name to “Logz.io” and click Save.
Paste the SAML information from Support
Click the Configuration tab. Fill in these details from the Logz.io Support email message:
- In Audience, paste Audience URI from the email
- In Recipient, paste Single sign on URL from the email
- In ACS (Consumer) URL Validator, paste
- In ACS (Consumer) URL, paste Single sign on URL from the email
Set OneLogin to pass email parameter to Logz.io
In the Parameters tab, click Add parameter. The New Field dialog is displayed.
Fill in these details:
- In Field name, type “email”
- In the Flags section, select Include SAML assertion
Click Save to continue to the next panel. Select “Email” from the Value list, and click Save again to go back to the Parameters page.
Click Save (in the upper right corner of the page).
Zip the SAML certificate
Click the SSO tab.
Under X.509 Certificate, click View Details. The Standard Strength Certificate page is shown.
Download the file and zip it. You’ll attach this zip file to an email to the Support team.
Click to return to the SSO tab.
Get your endpoint information
In the SSO tab, copy the SAML 2.0 Endpoint (HTTP). Paste this in the email that you’ll send to the Support team.
Send your SAML details to Logz.io
Draft a new email to Support. Write that you want to set up OneLogin SSO, and include these items in the message:
- Your Logz.io account ID
- Your zipped certificate (from step 4)
- Your SAML 2.0 Endpoint (from step 5)
(Optional) Restrict Logz.io access to specific user groups
By default, all OneLogin users with Logz.io access can sign in to your Logz.io accounts.
You can restrict this access from the Manage users page for each of your accounts. To do this, click Add group, and then paste your group’s name from OneLogin. Do this for each group that should have access to this account.
Receive confirmation from Support
When Support has created your OneLogin + Logz.io connection, you’re done! You can start logging in to Logz.io through your Apps portal.