Dashboard SSO - OneLogin
By default, HUMAN uses standard authentication to grant all Dashboard users a simple, secure login experience. However, if your organization uses single sign-on (SSO) to manage internal user accounts across multiple tools, you can configure your SSO platform to access the HUMAN Dashboard. This allows your users to log in to the HUMAN Dashboard with their SSO credentials and gives your organization greater control over user access and permissions.
This guide explains how to configure SSO access through OneLogin. We also offer an SSO integration with Okta.
Before you begin, you must notify HUMAN that you’d like to enable OneLogin SSO access for your organization. A HUMAN representative will provide you with a set of unique identity credentials that you'll need to provide when you configure your OneLogin instance.
You'll also need an OneLogin account with Super User permissions.
After you’ve obtained the required credentials from HUMAN, you can integrate your OneLogin instance with the HUMAN Dashboard. To configure OneLogin, complete the following steps:
Sign in to your OneLogin portal, then navigate to Administration > Applications.
Select Add App.
- From the Find Applications menu, search for “SAML”, then choose SAML Custom Connector (SAML2.0).
From the Info tab of the SAML Custom Connector menu, enter “HUMAN Security Dashboard” in the
Display Namefield. You can also upload an icon for your connector, but an icon is not required.
From the Configurations tab, set the
CS (Consumer) URL Validator, and
ACS (Consumer) URLfields to the values that HUMAN provided you with.
From the same tab, verify that each field is set to the following values:
SAML not valid before= 3
SAML not valid on or after= 3
SAML initiator= OneLogin
SAML nameID format= Email
SAML issuer type= Generic
SAML signature element= Both
Encrypt assertion= No (box unchecked)
SAML encryption method= AES-128-CBC
Send NameID Format in SLO Request= No (box unchecked)
Generate AttributeValue tag for empty values= No (box unchecked)
SAML sessionNotOnOrAfter= 1440
Sign SLO Request= No (box unchecked)
Sign SLO Response= No (box unchecked)
From the Parameters tab, set the
Credentials areoption to Configured by admin.
In the same tab, create three custom parameters called
lastName. As you create each parameter, ensure that the
Include in SAML assertioncheckbox is selected. Then verify that the each parameter is set to the following values:
NameID value= Email
firstName= First Name
lastName= Last Name
From the SSO tab, select SHA-256 from the SAML Signature Algorithm drop-down menu.
Select Save to finalize your choices.
- After you’ve created your connector, navigate back to the SSO tab. The
SAML 2.0 Endpoint (HTTP)fields will each contain a URL value. You must send these two URLs to a HUMAN representative so we can finalize your OneLogin integration.
You'll now be able to manage your organization's SSO access to the HUMAN Dashboard.