Setting up Single Sign-on (SSO) with OneLogin

Created by Aye Myat, Modified on Mon, 9 Feb at 11:01 PM by Alsabana Sahubarali

Objective

Set up SSO for Outreach with OneLogin IdP. 

For guidance on configuring Outreach SSO with other providers, click here.

Applies To

  • Outreach Admins

Procedure

Before You Begin

In order to setup OneLogin with Outreach, the following are required:

  • Admin privileges in Outreach
  • Admin privileges in OneLogin

If you are unsure of who your OneLogin admin is, we recommend contacting your IT team.

Part 1: Create an application in OneLogin

  1. Create a new application by clicking Add Apps.
    Image_2019-06-07_at_1.23.19_PM.png
  2. Search for and select SAML Test Connector (IdP).
    Image_2019-06-07_at_1.31.19_PM.png
  3. Name the SAML Test Connector (IdP) and click Save.
  4. Go to the SSO tab of your newly created app, and note three pieces of information:
    • X.509 Certificate (See step 5)
    • Issuer URL
    • SAML 2.0 Endpoint (Sign in URL)
      Image_2019-06-07_at_1.34.17_PM.png
  5. Click View Details to view the X.509 Certificate, then click Download. You will need this certificate at a later step.
    Image_2019-06-07_at_1.36.48_PM.png

Part 2: Create the Identity Provider inside Outreach

  1. In a new browser tab or window, access the Outreach platform as an Admin.
  2. Click Administration > User management > Sign-in.
  3. Click Edit.
  4. On the resulting screen, assuming your org does not already have SSO set up, click Add Identity Provider.
    Image_2019-06-07_at_1.54.26_PM.png
  5. Add the requested identity provider information, leveraging the information noted in Part 1 above, then click Save.
    Image_2019-06-07_at_1.55.21_PM.png
    Note: We recommend NOT selecting the advanced options Use NameId Instead of Email and Enable just-in-time new user provision unless the functions of each are both understood and needed by your organization. Read more about these in Advanced Settings For Identity Provider (SSO).
  6. On the resulting SSO Settings screen, to the right of the Identity Provider name, click Edit.
  7. On the Edit Identity Provider screen, scroll down to the Setup Info section and note or copy down the ACS URL and Service Provider Entity ID for use in the next part.
    outreach-edit-sso-setup.png

Part 3: Update OneLogin application

  1. Return to the OneLogin application you created in Part 1.
  2. Click the Configuration tab, then update the following application settings:
    • Audience: Use the value for Service Provider Entity ID from Part 2, Step 3.
    • Recipient: Use the value for (ACS) URL from Part 2, Step 3.
    • ACS (Consumer) URL Validator: Copy and paste the following string: https:\/\/outreach-prod\.auth0\.com\/
    • ACS (Consumer) URL: Use the value for (ACS) URL from Part 2, Step 3.

Image_2019-06-10_at_2.28.18_PM.png

Part 4: Enable SSO inside Outreach Accounts

  1. Return to your Outreach account. You should still be on the Edit Identity Provider screen.
  2. At the bottom right, click Test.
    • This will check to see if the identity provider has been set up correctly.
    • If successful, you should see a Success! page.
  3. Below the success message, examine User email and confirm it matches with your user login email inside Outreach.
  4. Click the < Back link to return to the SSO Settings page.
  5. Check the box for Enable.
  6. Click Save.

Additional Information

Advanced Settings For Identity Provider (SSO)

Single Sign On (SSO) FAQs

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article

Preview
0 of 0