OneLogin

In order to use OneLogin as an Identity Provider, we need to set up a new application. To do so, navigate to the OneLogin administration, hover over Applications in the navigation bar, and click on Applications:

Click on the Add App button:

In the list of applications, search for "saml" and click on the item SAML Test Connector (IdP w/ attr w/ sign response):

Choose a descriptive name for your application and click the Save button:

Click the Configuration tab:

Refer to the endpoints section in the Single Sign On article for how to obtain the endpoint values. Fill in these fields:

| Field | Value |
| --- | --- |
| Audience | Entity ID / Metadata URL endpoint |
| Recipient | Assertion Consumer Service endpoint |
| ACS (Consumer) URL Validator | .* (or specify a custom RegEx) |
| ACS (Consumer) URL | Assertion Consumer Service endpoint |
| Single Logout URL | Single Logout Service endpoint |
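
For the custom RegEx option of the ACS (Consumer) URL Validator field, the following added example (not part of the Exivity or OneLogin documentation) compares the catch-all .* with an anchored, escaped pattern built from the Assertion Consumer Service endpoint. The URL is a constructed placeholder, and the example assumes that a pattern this simple behaves the same in OneLogin as in Python's re module and that the validator may use search semantics, since the page does not say how the pattern is applied.

```python
import re
from urllib.parse import urlsplit

# Constructed placeholder, not a real Exivity path: substitute the
# Assertion Consumer Service endpoint of your own instance.
ACS_URL = "https://exivity.example.com/saml/acs"

# Constructed URLs; a validator for ACS_URL should reject all but the first.
CANDIDATES = [
    ACS_URL,
    "http://exivity.example.com/saml/acs",              # plain HTTP
    "https://exivity.example.com.other.test/saml/acs",  # different host, same prefix
    "https://exivityXexample.com/saml/acs",             # matches an unescaped "."
    "https://other.test/?r=https://exivity.example.com/saml/acs",  # embedded copy
    "https://exivity.example.com/saml/acs/extra",       # longer path
]


def build_validator(acs_url: str) -> str:
    """Return an anchored, fully escaped regex matching exactly one ACS URL."""
    parts = urlsplit(acs_url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("ACS URL must be an absolute https:// URL")
    if parts.username or parts.query or parts.fragment:
        raise ValueError("ACS URL must not carry userinfo, query or fragment")
    return "^" + re.escape(acs_url) + "$"


def accepted(pattern: str, urls: list) -> list:
    """URLs the pattern lets through, using search() (the most permissive reading)."""
    return [u for u in urls if re.search(pattern, u)]


if __name__ == "__main__":
    for label, pattern in [
        ("catch-all", ".*"),
        ("pasted URL, unescaped", ACS_URL),
        ("anchored + escaped", build_validator(ACS_URL)),
    ]:
        print(f"{label:22} {pattern}")
        for url in accepted(pattern, CANDIDATES):
            print("    accepts", url)
```

Paste the pattern printed on the "anchored + escaped" line into the ACS (Consumer) URL Validator field after replacing the placeholder with your own endpoint.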

You need to add the OneLogin domain for your organisation to the CORS whitelist as well.

Now, we have to copy and paste some values from our OneLogin application into the Exivity instance Single Sign-on settings. In OneLogin, click on the SSO tab:

In a separate browser tab, open the Exivity SAML settings (see SAML configuration) and copy over the following settings:

| Exivity configuration value | OneLogin field |
| --- | --- |
| Entity ID | Issuer URL |
| SSO URL | SAML 2.0 Endpoint (HTTP) |
| SLO URL | SLO Endpoint (HTTP) |

Now, let's set up the OneLogin certificate in Exivity. Under the label X.509 Certificate, click the View Details link. Copy the X.509 Certificate and paste it in the X-509 certificate field in the Exivity settings.

As the last step, copy and paste this JSON object in the Advanced settings in the Exivity settings:

{
  "security": {
    "wantXMLValidation": false
  }
}

Now you're ready to use OneLogin as a SAML Identity Provider. Enable Single Sign-On in Exivity by navigating to Administration, Settings and then clicking on the System tab. Make sure the Single Sign-On option is set to an option including SAML2 Authentication:

OneLogin is now configured and enabled, and you can now use it to log in to your Exivity instance. The login screen will look something like this:

By clicking on the Login button, you'll be taken to the OneLogin login screen. Exivity will receive the user's e-mail address and create a new user in the configured user group (see configuration) if no existing user is found.
