Updated on 04 Jan, 2023
This guide will help you on how to configure OneLogin to provide SSO for UTunnel VPN using SAML.
1. Log in to OneLogin and go to Applications > Applications.
2. Click ADD APP to add your connector.
3. Search SAML TEST in the search tab. Select SAML TEST Connector (Advanced) from the list.
4. Click Save button add the app to your Company Apps and display additional configuration tabs.
5. You can provide any preferred name in the Display Name field. Click Save button.
6. Next step is Configuration. Select the Configuration tab and keep it ready. To configure, navigate to your UTunnel dashboard and select Organization tab from the top menu. Click Single Sign On tab from the left menu and select OneLogin. Click to Enable OneLogin. Ensure that this page is kept opened as we need it in the following steps.
7. Copy the Single Sign On URL from the Single Sign On screen and paste it on the Recipient, ACS (Consumer) URL* and Login URL fields in the Configuration screen in the Configuration tab.
8. Now copy the URL next to Audience on the Single Sign On screen and paste it on the Audience field in the Configuration screen. Click the SAVE button.
9. On the SSO tab, copy the two SAML values: SAML 2.0 Endpoint (HTTP) and X.509 Certificate and Issuer URL that you'll need to provide on your UTunnel OneLogin section.
10. To copy the X.509 certificate, click View Details. Then, click the Copy to Clipboard icon for the X.509 Certificate.
11. Now that you have pasted all the three SAML values on the SSO screen, click on the Save button.
12. Now access the Parameters tab. You need to map UTunnel user attributes to OneLogin attributes. Click the Add (+) button. Enter each attribute in the Field name and click Save button and select the corresponding values as given below and click the Save button. Ensure you copy and paste as given below because the attributes are case sensitive. Click Save to effect the changes.
Field Name attributes
Now you have enabled SSO and integrated your UTunnel Organization account with OneLogin. You can now add users to your OneLogin account and grant them permission to access UTunnel VPN.