Topics included in this article:
Prerequisites
To begin setting up Rhombus with OneLogin, you will need the following:
- a Rhombus account
- a OneLogin account with Super User privileges
Single Sign-On, or SSO, is a way to sync sign-on across multiple applications allowing you to log in to all applications with only one user account and password.
Set-Up
To set up Rhombus with OneLogin, just use the templates app that is provided by OneLogin such as the 'SAML Test Connector (Advanced)'.
1. To access this in OneLogin, go to:
Apps > Add Apps > Find Application > Search for SAML Test Connector (Advanced) in the Search box
2. Select the entry, enter change the Display name to 'Rhombus Systems', and then > Save
3. Then navigate to the Configuration tab
To configure the Rhombus app, fill in the following Rhombus information:
ACS (Consumer) URL | https://console.rhombussystems.com/saml/SSO |
ACS (Consumer) URL Validator | https://console.rhombussystems.com/saml/SSO |
Recipient | https://console.rhombussystems.com/saml/SSO |
Audience (EntityID) | com:rhombussystems:saml:sp |
SAML nameID format | Response |
Sign SLO Response | Check the checkbox |
It should look something like this:
4. Then go to Parameters > Add Parameters below the Configuration and add the following:
NameID = email
FirstName = FirstName
LastName = LastName
It should look something like this:
5. Additionally, make sure that the SAML signature algorithm for the Rhombus app is SHA-256. It should look like this:
6. Add users that have access to the Rhombus console here. If you do not see a user, you can create a new user within the Users tab on the header bar and assign the user to the Rhombus Systems application you created.
7. Lastly, hit Save and copy the XML from the SAML Metadata file into the Rhombus SSO page.
To do this, go to More Actions > SAML Metadata -> click SAML Metadata to download XML file
XML file should download in the following format: onelogin_metadata_1234567.xml
8. Open the XML file in a text editor of your choice, and copy the contents into the rhombus console SSO page: https://console.rhombussystems.com/settings/sso/
toggle the 'Use Single Sign-On' and hit the 'Save' button on the upper right corner
Recovery Users
A Recovery User is a user account in your organization that bypasses SAML once enabled.
Note: It is recommended to have at least two Super User Accounts as Recovery Users when enabling SSO to ensure you have a method of logging and disabling SSO in the event SAML encounters errors.
Enabling a user account as a Recovery User is done during the SSO configuration process.
|
Helpful Links
Contact Support or Sales
Have more questions? Contact Rhombus Support at +1 (877) 746-6797 option 2 or support@rhombus.com.
Interested in learning more? Contact Rhombus Sales at +1 (877) 746-6797 option 1 or sales@rhombus.com.
Comments
0 comments
Please sign in to leave a comment.