New Feature – 3rd Party Identity Providers and OneLogin

Zev Schonberg
Zev Schonberg
Product Marketing Manager
Dec 16th, 2016
2 Min read
Amazon Web Services

We’re excited to announce a new feature that will allow you to use third-party identity provides via SAML authentication. This feature will make it easy to manage your Spotinst accounts and works with the most popular identity providers. Let’s walk through how this integration works with OneLogin. We borrowed the following instructions from the OneLogin help site to help you get started.

  1. Log into your OneLogin account as an administrator and go to Apps > Add Apps.
  2. Search for and select the Spotinst connector. The initial Configuration tab will appear.
  3. Click Save to add the app to your Company Apps and display additional configuration tabs. The Info tab appears.
  4. Go to the Configuration tab and enter your Spotinst Organization ID in the Relay State field.spotinst
  5. Go to the Parameters tab and ensure the Spotinst attributes are mapped to OneLogin attributes. Ensure that Credentials are Configured by admin.
  6. Click Save.
  7. Go to More Actions > Download SAML Metadata to configure your Spotinst account with OneLogin’s SAML settings.  Note the location of your saved XML file.
    1. In a new browser tab, log into your organization’s Spotinst account as admin.
    2. Click Settings and then click Identity Providers.
    3. Browse and import the XML Metadata file you downloaded earlier.spotinst-settingsNote: SSO will turn to “enabled” after uploading the OneLogin metadata.
  8. On the OneLogin Access tab, assign the OneLogin roles that should have access to Spotinst and provide any app security policy that you want to apply to Spotinst. You can also go to Users > All Users to add the app to individual user accounts.
  9. Click Save.
  10. Test the SAML connection.
    1. Ensure that you have user accounts in both OneLogin and Spotinst that use the same value as the username. You can create a test user, or you can use your own account if you choose.
    2. Make sure you are logged out of Spotinst.
    3. Log in to OneLogin as the test user.
    4. Click the Spotinst icon on your OneLogin dashboard. If you are able to access Spotinst without error, then SAML works.

Conclusion

We are very excited about this new feature as it makes managing users for large organizations a snap. In the coming months, we will be rolling out more features to further improve the management experience for users, security, and cloud accounts. Stay tuned!