Overview
If your organization utilizes OneLogin, you can enable OneLogin SSO in ControlMap for direct tenant login only.
Note: Login to Multi-Tenant MSP Portal is supported via ScalePad hub only after mid-Nov 2024.
Creating the Integration in OneLogin
Navigate to Applications in OneLogin and select Add App. Then select SAML 2.0 as the sign-in preference. Set Encryption to SHA-256
Configuring the OneLogin integration
Enter the following details within the OneLogin Application Configuration.
NOTE: TENANT references the Tenant name within your ControlMap instance (https://TENANT.app.ctrlmap.com)
RelayState = TENANT
ACS (Consumer) URL Validation* = https://api.ctrlmap.com/v1/sso/acs
ACS (Consumer) URL* = https://TENANT.app.ctrlmap.com
Single Logout URL = https://api.ctrlmap.com/v1/sso/logout
Login URL = https://api.ctrlmap.com/v1/sso/acs
SAML not valid before = 3
SAML not valid on or after = 3
SAML Initiator = OneLogin
Within OneLogin, make note of the following for use within ControlMap.
- Entity Id / Issuer URL
- SAML 2.0 Endpoint (POST) / Sign In URL
- SLO Endpoint / Logout URL
- X.509 Certificate (with SHA-512 signature algorithm)
Configuring ControlMap SSO
Within your ControlMap Tenant, navigate to Settings -> Users. On the right under Sign in Settings, enable the SAML 2.0 SSO Checkbox. Select One Login from the identity provider dropdown.
Enter the noted fields from OneLogin to the appropriate fields within ControlMap.
Once you've filled out the required fields, select Update settings to save and register this information with our system. Once you've updated, you can select individual users' and update their sign-in settings by selecting Update sign in preference.
If you'd like to update this settings for all users, select Set as default next to the Enable SAML 2.0 SSO section within Sign in settings.
Any questions? Reach out to our friendly, neighborhood support team by submitting a support ticket.