Setting up OneLogin SSO with Pathlight
Written by Emiliano Colosimo
Updated over a week ago

This document explains the technical steps for your organization to set up OneLogin SSO (Single Sign-On) with Pathlight. SSO provides users with convenience as well as high security. It covers how to set up an SSO-based client application in your OneLogin account to enable SSO with Pathlight.

Assumptions

    1. It is assumed that SAML (Security Assertion Markup Language) based SSO will be used, as SAML is a widely-used standard for web-based applications.

    2. Your organization has its own OneLogin account, and your IT Admin/Engineering team has Admin access to set up the SSO client.

High-Level Procedure

The procedure consists of three major steps. First, an engineer within your company creates an SSO client application in your OneLogin account with the proper configuration and user access (see Create an SSO Application in OneLogin below). Next, the engineer provides Pathlight with the Metadata from the OneLogin application in a secure manner (Establish Trust Between OneLogin and Pathlight). Finally, Pathlight turns on the SSO feature for your team (Enable OneLogin SSO).

Create an SSO Application in OneLogin

Establish Trust Between OneLogin and Pathlight

Once the application is created, OneLogin provides Metadata that contains certificates and other information. This information should be shared with Pathlight in a secure manner to establish trust.

  1. To generate the Metadata, go to Applications and click the More Actions button in the top right.

  2. Select the SAML Metadata option in the pull-down menu. Once selected, the file will be downloaded to the local machine.

  3. Your engineer/admin will send the Metadata file to Pathlight engineers.
    Option-1: Set the pathlight+[org slug]@pathlight.com account to be an administrator for the download time only.
    Option-2: Hold a joint Zoom session with Pathlight engineers to share (and control) a screen to enable the download.
    Option-3: Email the metadata file to Pathlight engineers.
    ***Options 1 and 2 are more secure (hence, preferred) than Option 3.

Enable OneLogin SSO for Your Organization at Pathlight

Once a Pathlight engineer receives the metadata, the SSO feature will be enabled immediately after testing. Your company's users can enjoy SSO in two ways:

  1. Pathlight-initiated SSO: Team members can log in using the OneLogin SSO option on the Pathlight website.

  2. OneLogin-initiated SSO: Users can first log in to their OneLogin account and then click on the Pathlight for [your org] application (with the Pathlight icon). They will then be automatically redirected and logged in to Pathlight.

    __________________________________________________________________________________

    We hope this was helpful! Please submit a ticket here if you have any questions or need further assistance.