Skip to main content
MindTouch Success Center

Set up SAML SSO with OneLogin

This page applies to:MindTouch (current)

This article reviews how MindTouch supports SAML SSO with OneLogin.
 

Prerequisites


How to set up MindTouch SAML SSO in OneLogin


MindTouch has worked directly with OneLogin to provide a streamlined MindTouch SAML SSO setup experience. Follow the steps below to configure MindTouch to be accessed via SAML SSO:

Step 1: Add the MindTouch SAML SSO app 

MindTouch SAML SSO is already available as an app in OneLogin. Perform the following to add MindTouch as a sign-in app:

  1. In OneLogin, navigate to Apps > Add Apps

Screenshot of adding apps in OneLogin

  1. Search for MindTouch and select MindTouch SAML 2.0.

Screenshot of finding apps in OneLogin

Step 2: Configure your MindTouch app 

  1. In the Configuration tab, enter your MindTouch Hostname. Only include the host name, not the entire URL (e.g. example.mindtouch.us).

Screenshot of MindTouch configuration in OneLogin

  1. In the  Parameters tab,  configure the following fields: 

OneLogin can be configured to send dynamic values from Active Directory or other LDAP records in addition to OneLogin group and role values.

  • Email Address (required). Maps to the email address of authenticating users in MindTouch.
  • Group (optional). Maps to MindTouch groups. Provide the attribute name group (all lowercase) to MindTouch.  
    • The default value is MemberOf, which maps to Active Directory groups through OneLogin's Active Directory connector.
    • To provide a list of groups not located in Active Directory, create custom user fields in OneLogin and map the custom user field value to the MindTouch Group field. 
  • User Display Name (optional). Maps to the display name of authenticating users in MindTouch. 
  • Username. Persistent SAML username to link authenticating MindTouch users to a OneLogin user record.

Screenshot of parameters in OneLogin

Step 3: Download the IdP metadata 

To download OneLogin IdP metadata and add OneLogin as the trusted SAML SSO IdP in MindTouch, perform the following:

  1. Click More Actions > SAML Metadata.
  2. In the SSO tab, Navigate to  SSO > SLO Endpoint (HTTP) to manually copy the single logout (SLO) endpoint.
  3. Provide the IdP SAML metadata and SLO endpoint to MindTouch.

Screenshot of SSO configuration in OneLogin

Step 4: Allow access to MindTouch SAML SSO

To associate the MindTouch SAML SSO app with the role, perform the following:

  1. Navigate to  Users > Roles > Applications
  2. Select the MindTouch application.

Screenshot of app roles in OneLogin

  1. After the role is associated with the app, add the role to a user or group, allowing the user or group of users to access MindTouch SAML SSO.

Screenshot of app role assigned in OneLogin
 

Need more help?


If you are interested in setting up SSO with OneLogin and have further questions, don't hesitate to reach out to our Support team.

  • Was this article helpful?