Skip to main content

OneLogin SCIM Connection Overview

  • Updated

Note: This guide provides a general idea of what the SSO connection process involves, but should not be used as a step-by-step guide for configuring your SSO. To set up SSO with Spekit, you'll need to go to the 'Connect' page within your Spekit Web App. 

 

1) Create OneLogin Application

Log in to the OneLogin admin dashboard and select the "Applications" tab at the top. Select "Add App".

 

A screenshot showing where to select 'Add App' in the OneLogin dashboard.

 

Search for "SCIM" in the text field and select the Application named "SCIM Provisioner with SAML (SCIM V2 Enterprise)".

 

A screenshot showing where to search for 'SCIM Provisioner with SAML (SCIM V2 Enterprise)' in the OneLogin dashboard.

 

Give your Application a descriptive Display Name such as Spekit SCIM and hit "Save".

 

A screenshot showing where to input the application name in the OneLogin dashboard.

 

2) Configure OneLogin SCIM

Within the SCIM Application you just created, select the "Configuration" tab on the left. Copy/Paste the API credentials from your Spekit In-App walkthrough and place them into the corresponding boxes.

 

A screenshot showing the configuration tab, where to input the 'SCIM Base URL', and where to click 'Enable' in the OneLogin dashboard.

 

Select the "Provisioning" tab on the left. Ensure that both dropdowns are set to "Suspend". Check the "Enable provisioning" box and hit "Save".

 

A screenshot showing where to check the 'Enable Provisioning' box in the OneLogin dashboard.

 

Select the "Parameters" tab on the left. Then select "Groups".

 

A screenshot showing the Parameters tab and the 'Groups' section in the OneLogin dashboard.

 

In the modal that pops up, check the box next to "Include in User Provisioning" and hit "Save".

 

A screenshot showing where to select 'Include in User Provisioning' in the OneLogin dashboard.

 

3) Assign Users to your Spekit SCIM Application

In order for your users and groups to be synced into Spekit, you will need to assign them to this Spekit SCIM Application. Select "Users" from the top navigation menu. Next, find a user you'd like to provision to the SCIM app. Within that user profile, select the "Applications" tab on the left. Then, click the "+" symbol.

 

A screenshot showing the 'Users' tab and how to add users to an application in the OneLogin dashboard.

 

Select the appropriate app and hit "Continue".

 

A screenshot showing where to select your application to assign to a user in the OneLogin dashboard.

 

Select "Save" in the next modal to confirm the change.

 

A screenshot showing where to hit 'Save' in the OneLogin dashboard.

 

4) Assign Groups to Spekit

NOTE: There are many ways to provision groups in OneLogin. Below is one method that we recommend, but other methods can be used.

In the top navigation, Select "Users" and then "Roles" from the dropdown. Select "New Role".

 

A screenshot showing where to select 'New Role' in the OneLogin dashboard.

 

Give the Role a name (this will be the name of the group), select the appropriate SCIM application, and hit "Save".

 

A screenshot showing where to input the role name for a new group in the OneLogin dashboard.

 

Click the "Users" tab for the role. Search for any users you'd like to assign to that role and hit "Add To Role". Then hit "Save".

 

A screenshot showing where to select 'Add App' in the OneLogin dashboard.

 

Click "Save" in the next modal to confirm.

 

A screenshot showing the roles page and where to add users to a role in the OneLogin dashboard.

 

Navigate back to your SCIM app and click on the "Rules" tab on the left. Then, hit "Add Rule".

 

A screenshot showing where to click 'Save' when adding a user to a role in the OneLogin dashboard.

 

Give your Rule a name. Under "Actions", select "Set Groups in Spekit SCIM". Then, set it to "For each role with value that matches your-role-name". Hit "Save".

 

A screenshot showing where to select 'Add Rule' in the rules tab within the OneLogin application.

 

Within your SCIM app under the Users tab, you may then need to click on any "Pending" notifications to confirm the update for users.

 

A screenshot showing the 'New Mapping' modal and where to input the name of the rule in the OneLogin dashboard.

Related articles