Setting Up OneLogin Authentication
Using Mitratech HQ? Go here for further instructions!
1. Add Trakstar as an app in OneLogin
- As a OneLogin administrator, visit Apps > Company Apps
- Click “Add App”
- Search for “Trakstar” and select it
- Click “Save”
2. Configure Trakstar and OneLogin
After saving the new app within OneLogin, visit the SSO tab.
- Copy down the SAML 2.0 Endpoint (HTTP).
- Underneath “X.509 Certificate”, click “View Details”. Copy down the full X.509 Certificate.
As a Trakstar administrator, visit Settings > Authentication & SSO.
Under “SAML 2.0”, click the Configure button.
- Paste the SAML 2.0 Endpoint (HTTP) from OneLogin into the IdP SSO Target URL.
- Paste the X.509 Certificate from OneLogin into the IdP Certificate.
- Click Save.
You can leave IdP Certificate Fingerprint blank, and Issuer as the default value.
Find the ACS (Consumer) URL within Trakstar, in the format
https://perform.trakstar.com/auth/saml/callback?namespace=example.
Within OneLogin, visit the Configuration tab. Your Company ID will be whatever follows
namespace= in the ACS (Consumer) URL (example, here). Enter the Company ID, and click Save.
3. Test and enable
Follow the instructions here to test and enable the integration, and for tips on troubleshooting.
Note that the NameID that OneLogin sends must match the usernames within Trakstar. Trakstar supports email addresses as usernames, but can also support other formats. If necessary, change what OneLogin sends as the NameID under Parameters.
As an alternative to adding Trakstar from the OneLogin App Catalog, you can also create a custom SAML application for Trakstar within OneLogin.