> ## Documentation Index
> Fetch the complete documentation index at: https://docs.envzero.com/llms.txt
> Use this file to discover all available pages before exploring further.
# OneLogin Integration
> Integrate OneLogin as a SAML 2.0 identity provider for env zero using a custom SAML connector with the correct ACS URL, entity ID, attribute mappings, and cert.
## Introduction
This guide will detail the various steps required to integrate OneLogin as a SAML provider for your env zero organization. The current implementation supports SAML 2.0 and is used for authentication only, where you define your users in your OneLogin account to enable them access to your env zero organization. You can also add env zero as an application in your user application dashboard.
**Self-Service Configuration Available**: You can configure SAML SSO directly from your organization settings. See [Self-Service SSO Integration](/guides/sso-integrations/self-service-sso) for an overview, or [Self-Service SAML Setup](/guides/sso-integrations/self-service-saml) for step-by-step instructions.
## Steps
1. Login to your OneLogin Administrator account.
2. Under the Application tab go to the Application.
3. Click on the `Add App` button.
4. In the search box enter `SAML Custom Connector` and select `SAML Custom Connector (Advanced)`
5. Change the display name to be `env zero` and upload an icon.
6. Enter a relevant description and click on the save button.
7. Go to the configuration tab.
8. Under Audience (EntityID) enter `urn:auth0:env0:{YOUR_ENV0_ORG_ID}`
9. Under ACS (Consumer) URL Validator enter: `[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)`
10. Under ACS (Consumer) URL enter `https://login.app.env0.com/login/callback?connection={YOUR_ENV0_ORG_ID}`
11. Under the Login URL enter `https://app.env0.com/login/sso`
12. In the `SAML initiator` dropdown select `Service Provider`
13. In the `SAML nameID format` dropdown select `Unspecified`
14. In the `SAML signature element` dropdown select `Both`
15. Click on the save button.
16. Go to the “Parameters” tab
17. Add the following Parameters:
| Name | Marco | Value | Include in SAML assertion |
| :----------- | :---- | :--------------------- | :------------------------ |
| NameID value | false | Email | N/A |
| email | false | Email | true |
| firstName | false | First Name | true |
| lastName | false | Last Name | true |
| name | true | {firstname} {lastname} | true |
13. Click on the `Save` button.
14. Go to the `SSO` tab.
15. Copy the `SAML 2.0 Endpoint (HTTP)` URL.
16. Copy the `SLO Endpoint (HTTP)` URL.
17. In the `X.509 Certificate` click on the `View Details` link.
18. Under the `X.509 Certificate` choose `X.509 PEM` and download it.
19. Assign the relevant users to this application.
20. Navigate to your env zero organization settings and go to the **SSO** tab.
21. Click on **SAML** and complete the self-service form with:
* Identity Provider Single Sign-on URL (SAML 2.0 Endpoint (HTTP) URL)
* X.509 Certificate
## Next steps
* [Self-Service SAML Setup](/guides/sso-integrations/self-service-saml) - Review the general SAML configuration process.
* [Sync Roles & Groups From Your IdP](/guides/sso-integrations/importing-roles-or-groups-from-your-identity-provider) - Import OneLogin groups into env zero.
* [Azure Active Directory Integration](/guides/sso-integrations/self-service-azure-ad) - Compare with another supported identity provider.