SSO Configuration: eSpatial & OneLogin

Integrate eSpatial with OneLogin

You can find out more about eSpatial and SSO here. In this article we look at the configuration details to setup SSO between eSpatial and the SAML 2.0. compliant OneLogin (https://www.onelogin.com/). Note that you need to have an enterprise eSpatial account to have the SSO functionality.

Enable SSO on your Account

  • Click on your username drop down in the top right corner. 
  • Select Manager Groups & Users. 
  • Click on the SSO Configuration Link. 

OneLogin Setup

Your Onelogin Administrator needs to configure the setup between eSpatial and OneLogin. 

  • Add a new OneLogin Application
  • Ensure that it is SAML 2.0
  • Give it an appropriate Name and Logo
  • Go to the Configuration Tab
  • Copy the value from the eSpatial field "Service Provider Entity Id (Audience URI)" to the OneLogin Field "Audience"
  • Copy the value from the eSpatial field "ACS SSO URL" and copy into both the "Recipient" and "ACS (Consumer) URL" in OneLogin 
  • Copy ".*." into "ACS (Consumer) URL Validator" field in OneLogin

The go to the SSO Tab in OneLogin

  • Set "SAML Signature Algorithm" to "SHA-256"
  • Copy the "Issuer URL" from OneLogin to the field " Identity Provider Metadata URL" in eSpatial
  • Confirm your settings in OneLogin by pressing save
  • Confirm your settings in eSpatial by selecting enable SSO

User Setup and Testing

  • Click on the users tab in OneLogin to ensure that at least one user has access to the eSpatial app from OneLogin to test
  • Log out of eSpatial
  • In OneLogin, go to your App Portal/Home
  • Click on the eSpatial Link from your portal and log into eSpatial from OneLogin
  • Click on the eSpatial Link from your portal and you will be redirected (& logged in) to eSpatial from OneLogin