OneLogin
Step 1: Configuring OneLogin
After logging in to OneLogin, set up Deep Freeze under Applications.
In the search field, type in SAML Test Connector.
Select SAML Test Connector (IdP w/ attr w/ sign response).
Assign a Display Name and click Save.
On the left pane, click SSO.
At the top right, click More Actions > SAML Metadata to download the IdP Metadata.
After you have downloaded the IdP Metadata, go to Deep Freeze Cloud to configure Step 2: SAML Settings in Deep Freeze Cloud and obtain the Service Provider Configuration information.
After you have configured Deep Freeze and generated the Service Provider Configuration, click Configuration on the left pane.
Fill in the Audience field using the Deep Freeze Cloud Audience URI.
Fill in the Recipient, ACS (Consumer) URL Validator, and ACS (Consumer) URL fields using the Deep Freeze Cloud Assertion Consumer URL, then click Save.
On the left pane, click SSO.
Under SAML Signature Algorithm, select SHA-256 or SHA-512.
Click Save.
OneLogin setup is now completed.
Step 2: SAML Settings in Deep Freeze Cloud
Complete the following steps to configure Deep Freeze Cloud SAML settings for SAML integration:
Go to User Management.
Click SAML Integration.
Configure the parameters for the Identity Provider, Other Settings and Service Provider.
Click the refresh button to update the Service Provider Configuration tab and display the assigned Login Domain, Audience URI and Assertion Consumer URL.
Upload the IdP metadata or perform manual setup.
Upload IdP metadata
To upload the IdP metadata, click Browse and select the IdP Metadata (.xml) file that you have downloaded. All other fields will be automatically populated.
Click Next.
Manual setup To manually set up the Identity Provider:
Enter the information for the IdP Login URL and Entity ID.
Click Browse and select the IdP Certificate file.
Click Next.
Select the permission rights for Just in Time Provisioned users.
Allow access to all sites – Select this option to allow new users access to all sites. By default, new users do not have permission to access any site.
Attribute Mapping
The Attribute Mapping tab contains information mapped from the IdP metadata. You can choose to use the generated information as is or edit the fields by clicking the edit icon.
When editing the email, first name, and last name fields, fill in the details using the format user.email, user.firstName, user.lastName.
You can assign a specific identifier by selecting the Use Custom Attribute Instead of NameID For Uniquely Identifying A User checkbox and editing the information on the Custom Attribute field.
Click Next after you have finished editing.
To edit SAML settings, click Edit at the top right.
To reset SAML settings, click Reset at the top right. Note that resetting SAML settings will unlink the IdP and delete all the SAML settings.
Step 3: Assigning Access to Deep Freeze Cloud Through OneLogin (IdP-initiated login)
OneLogin Users must be assigned access to Deep Freeze before being able to access Deep Freeze through OneLogin.
To assign access to a user:
Go to Users and select a user.
On the Users page, click Applications on the left pane.
Click the + icon on the top right of the Applications tab.
Select the app from the drop-down list and click Continue.
Edit the app login details for the selected user and click Save.
The user can now access Deep Freeze through OneLogin.
To perform IdP-initiated access, log in to your OneLogin company portal. Click on the Deep Freeze app. You will be redirected to Deep Freeze Cloud.
Add SAML User
SAML Users are created or assigned in OneLogin. See Step 3: Assigning Access to Deep Freeze Cloud Through OneLogin (IdP-initiated login).
SAML users have the ability to perform the following actions:
Edit
Disable
Delete
Tag
Last updated