Configure SAML with OneLogin
Updated over a week ago

Tip

We recommend reading the support article Configure SSO/SAML on Start.me first.

OneLogin is a is a cloud-based identity and access management provider that designs, develops, and sells a unified access management platform to enterprise-level businesses and organizations.

You can use it to configure Single Sign-On for your Start.me team.

onelogin6.png

Step 1: Add OneLogin as IdP to Start.me

  • In your Team Admin panel, click Team Portal > Login & SSO > Custom Single Sign-On (SSO)

  • Click Add.

    SSO__1_.png

  • Select OneLogin in the list of IdP providers​

    Log.PNG

  • Click Add to start the configuration process (Step 2).


Step 2: Configure Start.me in OneLogin

Login with your OneLogin Administrator account and click the "Add App" button in your Applications section, search for SAML and select SAML Custom Connector (Advanced).

onelogin1.png
onelogin2.png

Add Start.me as display name

onelogin3.png

Configure Start.me with the following data:

Metadata URL

https://yourteamdomain].start.me/users/auth/saml2/metadata?id=[auth-id]

ACS URL

https://[yourteamdomain].start.me/users/auth/saml2/callback?id=[auth-id]

ACS URL Validator

https://[yourteamdomain].start.me/users/auth/saml2/callback?id=[auth-id]

Recipient

https://[yourteamdomain].start.me/users/auth/saml2/callback?id=[auth-id]

Audience (EntityID)

startme

SAML initiator

OneLogin

SAML nameID format

Email

Required attributes

Now click on Parameters and add the following 2 fields:

SAML Custom Connector

Value

email

Email

name

Username

onelogin7.png

Now go back to the "Configuration" tab and use the "More actions" menu to retrieve OneLogin SAML Metadata.

onelogin4.png

Save this metadata XML file locally on your machine.

Make sure you assign People to this new "Start.me" application, so you will be able to test the flow once you have completed all 3 steps.



Step 3: Configure OneLogin in Start.me

  • In the Single Sign-On section on Start.me, click "Configure" next to the OneLogin IdP.

  • In the sidebar click Browse to upload the metadata file you got from OneLogin in step 2.

onelogin5.png

After you've uploaded this file, the following fields should be automatically filled:

  • SAML2.0 Endpoint

  • IDP Entity

  • Public Certificate

Optionally. you can change the label and the icon for the login button that will appear on your sign-in screen at https://[yourcustomdomain].start.me/users/sign_in

Now, you are done and ready to use the OneLogin login flow.

Need assistance?

For questions or help with the SSO setup, please contact our team at support@start.me.

Did this answer your question?