Admin OneLogin auth integration

Page summary

OneLogin auth integration


To be able to authenticate users in Betterez using OneLogin system we need to do some configurations in OneLogin as well as in Betterez.

OneLogin configuration

If you already have an OpenId Connect Application created go to step two directly.

1. Configure the OpenId Connect (OIDC)

Create a new OpenId Connect (OIDC) application from the OneLogin Administration panel.

Add a new App

config application

Search for OIDC and select the OpenId Connect app

config application 2

Create a display name for your app and Save.

config application 3

On the SSO tab, note the Client ID and Client Secret. Then change the Token Endpoint Authentication Method to POST. Click Save.

config application 6

Remember the name of your application since you will need some information to fill in Betterez

2. Configure OneLogin integration in Betterez

Go to /admin/integrations and select Open Id, once there you will need to fill the form.

  • Provider: Select onelogin
  • Issuer: The Issuer URL, something like "https://your-domain.onelogin.com/oidc/2"
  • Client Id: This is a public key issued by the external system
  • Client secret: This a key required to exchange information with the external system
  • Default role: If the users does not exists in Betterez, it will be created with the selected role
  • Disable email and password login: If Yes, users will be authenticated by OneLogin only
  • Callback URL: The return URL to set on OneLogin
  • Enable: If Yes, single sign on with OneLogin is enabled

Finding the information to complete in OneLogin

Once you creted the OneLogin application, you need to go to the Application config page and under SSO you wil find the required information

config application 4

Set a callback url

In the OneLogin application you will need to set a callback url, to do it you need to go to the Application config page and under Configuration you should copy the Callback URL from Betterez and then paste into the Redirect URI's box. For this example, we will use http://localhost:3000/oauth/callback to test.

config application 5

3. Assign users

Once everything is configured you have to assign the users you want to be authenticated in Betterez in OneLogin. To do it go to the Users section to locate your the user you want and assign the recently created application to that user.

config application 7

4. Log In With OneLogin

If your domain support SSO with OneLogin you will see the following screen

OneLogin login page