Fortinet black logo

Cookbook

Home FortiAuthenticator 6.4.0 Cookbook

Configuring an application on OneLogin

6.4.0
6.5.0
6.4.0
6.3.0
6.2.0
6.1.0
6.0.0
5.5.0
Copy Link
Copy Doc ID 52c06fe2-eb01-11eb-97f7-00505692583a:935961
Download PDF

Configuring an application on OneLogin

To configure an OneLogin application:
  1. In the SAML Custom Connector (Advanced) window that opens after step 7 in Creating an OneLogin application, go to the Configuration tab.

    Alternatively, go to Applications > Applications, from the applications list select your application, and then go to the Configuration tab.

  2. In Audience (Entity ID), enter the Entity ID from the remote SAML server configuration on FortiAuthenticator.
  3. In ACS (Consumer) URL Validator, enter the modified ACS (login) URL from the remote SAML server configuration on FortiAuthenticator.

    The ACS (Consumer) URL Validator must start with a “^”, end with a “$”, and have a “\” preceding every “/”, “?” and “.”.

    See the screenshot below.

  4. In ACS (Consumer) URL, enter the ACS (login) URL from the remote SAML server configuration on FortiAuthenticator.
  5. In Single Logout URL, enter the SLS (logout) URL from the remote SAML server configuration on FortiAuthenticator.
  6. In Login URL, enter the Portal URL from the remote SAML server configuration on FortiAuthenticator.
  7. SAML not valid before and SAML not valid on or after may be changed as required.
  8. Ensure that SAML initiator is set as OneLogin.
  9. Ensure that SAML nameID format is as Email.
  10. Ensure that SAML issuer type is set as Specific.
  11. In the SAML signature element dropdown, select Both.
  12. Click Save.

    Parameters while configuring an application on OneLogin must match the remote SAML server configuration on FortiAuthenticator.

    See Configuring a remote SAML server .

Previous
Next

Configuring an application on OneLogin

To configure an OneLogin application:
  1. In the SAML Custom Connector (Advanced) window that opens after step 7 in Creating an OneLogin application, go to the Configuration tab.

    Alternatively, go to Applications > Applications, from the applications list select your application, and then go to the Configuration tab.

  2. In Audience (Entity ID), enter the Entity ID from the remote SAML server configuration on FortiAuthenticator.
  3. In ACS (Consumer) URL Validator, enter the modified ACS (login) URL from the remote SAML server configuration on FortiAuthenticator.

    The ACS (Consumer) URL Validator must start with a “^”, end with a “$”, and have a “\” preceding every “/”, “?” and “.”.

    See the screenshot below.

  4. In ACS (Consumer) URL, enter the ACS (login) URL from the remote SAML server configuration on FortiAuthenticator.
  5. In Single Logout URL, enter the SLS (logout) URL from the remote SAML server configuration on FortiAuthenticator.
  6. In Login URL, enter the Portal URL from the remote SAML server configuration on FortiAuthenticator.
  7. SAML not valid before and SAML not valid on or after may be changed as required.
  8. Ensure that SAML initiator is set as OneLogin.
  9. Ensure that SAML nameID format is as Email.
  10. Ensure that SAML issuer type is set as Specific.
  11. In the SAML signature element dropdown, select Both.
  12. Click Save.

    Parameters while configuring an application on OneLogin must match the remote SAML server configuration on FortiAuthenticator.

    See Configuring a remote SAML server .

Previous
Next