Setting up OneLogin for Firmex SSO

Step 1 - Create an application

  1. Log in to OneLogin as an administrator.
  2. Click the Administrator tab.
  3. Click the Applications tab and select Add App.
  4. Search for SAML and select OneLogin SAML Test(IdP).
    OneLogin-app.png
  5. In the Display Name field, enter Firmex.
  6. Click Save.

Step 2 - Set up the SAML configuration for the application

Click the Configuration tab and fill out the form as follows.

  1. SAML Consumer URL - https://login.firmex.com/authenticate/saml
  2. SAML Audience - firmex.com
  3. SAML Recipient - https://firmex.com
  4. ACS URL Validator - https:\/\/login.firmex.com\/authenticate\/saml

Click Save.

Note: Most of the time, ACS URL Validator should be

https://login.firmex.com/authenticate/saml

However, OneLogin needs a '\' for every '/', which makes it

https:\/\/login.firmex.com\/authenticate\/saml

Next, click the Parameters tab. Change the Email (NameID) value from -No default- to Email.
onelogin-email-config.png

Click the SSO tab and do the following:

  • Change SAML Signature Algorithm to SHA-256.
  • Copy the Issuer URL.
  • Copy the SAML 2.0 Endpoint (HTTP).
  • Click View Details under X. 509 Certificate and select Leave.
  • Copy the certificate value without the Begin Certificate and End Certificate elements.

Step 3 - Enable user access to the Firmex application

In order to access the Firmex application, you will need to grant access to the application to each user. You can create a new user for an environment, or add the application to an existing user’s profile.

Give access to existing user

  1. Click the Users tab.
  2. Click the user to which you want to enable Firmex SSO.
  3. Click the Applications tab and add new Application.
  4. Select the newly added Firmex app and click Continue.
  5. Click Save.

Give access to a new user

  1. Click the Users tab.
  2. Click New User.
  3. Enter the First name, Last name, and Email fields. Then click Save.

Follow the steps in the “Give access to existing users”, above, to give the new user access to the Firmex app.

Proceed to configure the Firmex side.