If your organization uses OneLogin, this guide will help you create an OneLogin Application for 0patch Central using SAML 2.0.
After the Application is successfully created, your user will be able to use one-click access to 0patch Central from their OneLogin App Portal.
Creating a new Application for 0patch Central
- Make sure to have users created in 0patch Central, and that they're active (not just invited).
- Login to OneLogin as administrator.
- In the Admin Console go to Applications -> Applications -> Add App
- Enter “SAML” in the search field to find and select the “SAML Custom Connector (Advanced)” application.
- Configure the basic settings including Display name, Logo (optional) and Description (optional), then save the application.
- In another browser tab, login to 0patch Central, go to Account -> Single Sign-On and click the switch button to enable SAML.
- In the SAML configuration dialog you’ll need the SAML Assertion Consumer URL and the Audience parameters to finish setting up the OneLogin App.
- In your newly created Apps settings, open the Configuration tab, copy the SAML configuration parameters from 0patch Central to the appropriate fields:
- Audience (EntityID): The intended audience of the SAML assertion. This is the Entity ID of your 0patch Central account.
- ACS (Consumer) URL: The location where the SAML assertion is sent with a POST operation. This URL is required and serves as the default Assertion Consumer Services (ACS) URL value for your 0patch Central account (Service Provider - SP). This URL is always used for Identity Provider (IdP) initiated sign-on requests.
- Login URL: This URL is used for Service Provider initiated (Originating from 0patch Central) sign-on requests. Copy the Audience parameter and append "login" (i.e. https://dist.0patch.com/saml/123456789/login).
- Click "Save".
- In your Apps settings, open the SSO tab to get the parameters needed to finish setting up SAML in your 0patch Central account:
- Copy the SAML 2.0 Endpoint (HTTP) parameter to the SAML SSO link field in 0patch Central.
- Copy the Issuer URL parameter to the EntityID / Issuer field in 0patch Central.
- Under 509 Certificate click "View Details".
- Copy the Base64 encoded certificate to the SAML SSO Certificate.
- Click "CONFIRM" in 0patch Central SAML setup window. You can edit the configuration in the Single Sign-On tab of 0patch Central Account section.
- After configuring SAML in 0patch Central, return to OneLogin Admin Console and go to Users -> Users. If you don’t have users in OneLogin corresponding to your 0patch users, create them.
- Edit each OneLogin user you want to have access to 0patch Central, and open the "Applications" tab.
- Assign the user to the "0patch" OneLogin Application and click "Save User".
- Now users can use one-click access the App Portal to login to 0patch Central.