This article explains how to set up and use the SAML 2.0 Integration, so your organization can rely on Single Sign-On, using OneLogin as the Identity Provider, and require employees to authenticate using your OneLogin Users directory.
How to connect the SAML 2.0 Connector integration
To set up SSO using the SAML protocol, connect to the "SAML 2.0" integration. Only organization admins are able to connect integrations on behalf of the organization.
✅ Step 1 - Select the Hub icon and go to the Apps tab.
✅ Step 2 - Look for SAML 2.0 and click on it.
✅ Step 3 - Now click on "Connect SAML 2.0", enter the integration set up. Keep this screen open to get the URL from OneLogin.
How to set up a new OneLogin application
To enable Deel to authenticate users via OneLogin using SAML 2.0 SSO protocol, create a new application following these steps:
✅ Step 1 - Navigate to the applications page in OneLogin, by hovering "Applications" in the top bar menu, and clicking on "Applications".
✅ Step 2 - Click on "Add App", on the top right.
✅ Step 3 - Search for SAML, and select the "SAML Custom Connector (Advanced)", created by OneLogin, Inc.
✅ Step 4 - Enter the display name for the application, for example, "Deel", and ensure that "Visible in portal" is checked.
✅ Step 5 - Now click on "SSO", in the left, and copy the "Issuer URL". Paste this url in the "Metadata URL" field, in Deel's SAML 2.0 configuration screen.
✅ Step 6 - Still in Deel's SAML setup, add an Entity ID to identify this integration in your Identity Provider, and click "Connect & Go To Settings". Important: Ensure to enter this exact Entity ID in OneLogin set up.
✅ Step 7 - Once the SAML Integration is connected, give it a name, and copy the "Redirect URL". This URL will be used in OneLogin configuration.
✅ Step 8 - Back to the OneLogin page, click on "Configuration" on the left. In "Audience (EntityID)", enter the same Entity ID provided in Deel's configuration. Paste the Redirect URL in the "ACS (Consumer) URL Validator" and "ACS (Consumer) URL" fields. Then click "Save", on the top right.
✅ Step 9 - To assign this application to specific users, use the "Users" tab on the left, or configure specific roles to assign this application to entire groups of users. To better understand how Groups and Roles work in OneLogin, see their training page on this topic.
✅ Step 10 - Back to Deel's SAML 2.0 settings screen, click on "Enable" to enable SSO for this organization.
Once enabled, an organization will require SSO for any employee to login.
To disable SSO at any given time, go back to this integration, and click on More > Disconnect.
FAQ
[ACCORDION] Does this integration support LastPass?
No, this integration currently doesn't support LastPass