Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.envzero.com/llms.txt

Use this file to discover all available pages before exploring further.

Introduction

This guide will detail the various steps required to integrate OneLogin as a SAML provider for your env zero organization. The current implementation supports SAML 2.0 and is used for authentication only, where you define your users in your OneLogin account to enable them access to your env zero organization. You can also add env zero as an application in your user application dashboard.
Self-Service Configuration Available: You can configure SAML SSO directly from your organization settings. See Self-Service SSO Integration for an overview, or Self-Service SAML Setup for step-by-step instructions.

Steps

  1. Login to your OneLogin Administrator account.
  2. Under the Application tab go to the Application.
  3. Click on the Add App button.
  4. In the search box enter SAML Custom Connector and select SAML Custom Connector (Advanced)
OneLogin application search showing SAML Custom Connector Advanced option
  1. Change the display name to be env zero and upload an icon.
  2. Enter a relevant description and click on the save button.
OneLogin custom connector app configuration showing display name set to env zero
  1. Go to the configuration tab.
  2. Under Audience (EntityID) enter urn:auth0:env0:{YOUR_ENV0_ORG_ID}
  3. Under ACS (Consumer) URL Validator enter: [-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)
  4. Under ACS (Consumer) URL enter https://login.app.env0.com/login/callback?connection={YOUR_ENV0_ORG_ID}
  5. Under the Login URL enter https://app.env0.com/login/sso
  6. In the SAML initiator dropdown select Service Provider
  7. In the SAML nameID format dropdown select Unspecified
  8. In the SAML signature element dropdown select Both
  9. Click on the save button.
  10. Go to the “Parameters” tab
  11. Add the following Parameters:
NameMarcoValueInclude in SAML assertion
NameID valuefalseEmailN/A
emailfalseEmailtrue
firstNamefalseFirst Nametrue
lastNamefalseLast Nametrue
nametrue true
OneLogin custom connector Parameters tab showing email, firstName, lastName, and name SAML attribute mappings
  1. Click on the Save button.
  2. Go to the SSO tab.
  3. Copy the SAML 2.0 Endpoint (HTTP) URL.
  4. Copy the SLO Endpoint (HTTP) URL.
  5. In the X.509 Certificate click on the View Details link.
  6. Under the X.509 Certificate choose X.509 PEM and download it.
  7. Assign the relevant users to this application.
  8. Navigate to your env zero organization settings and go to the SSO tab.
  9. Click on SAML and complete the self-service form with:
    • Identity Provider Single Sign-on URL (SAML 2.0 Endpoint (HTTP) URL)
    • X.509 Certificate

Next steps