Setting up OneLogin integration with Stormboard

Integrating your OneLogin single sign on (SSO)

The following is required:

  • An active OneLogin subscription

  • An Enterprise Stormboard single sign-on enabled subscription


Why integrate SSO?

In this tutorial, you learn how to integrate Stormboard with OneLogin. Integrating Stormboard with OneLogin provides you with the following benefits:

  • You can control in OneLogin who has access to Stormboard.

  • You can enable your users to be automatically signed-in to Stormboard (Single Sign-On) with their OneLogin accounts.

  • You can manage your accounts in one central location within OneLogin

Steps to establish the SSO integration

1. Log into Stormboard as a Team Administrator in one browser tab

2. From the menu icon on the top left, select My Account.

a. Select your team under My Teams

b. Scroll down to the Authentication section and select OneLogin.

SSO provider list


Steps to configure OneLogin SSO on Stormboard side

  1. Enter the values from OneLogin in Stormboard. May be any of the following:
    a. Issuer URL
    b. SAML 2.0 Endpoint
    c. Identifier
    d. OneLogin Identifier
    e. Identity Provider Issuer
    f. Public Certificate

  2. Set the "Enabled" field to "Yes" to enable SSO (see image below)

  3. The "Required" field allows you to set if a user is required to be authenticated with SSO in order to enter a Storm (what we call your digital workspace). If you select "Yes", this will stop any external users not in your directory from entering a Storm — an added security feature (see image below).

  4. Click Save (see image below).

Enabling SSO


Steps to configure OneLogin SSO on OneLogin side

Enter the values from Stormboard in OneLogin on the admin side.
May be any of the following:
a. Identifier
b. Reply URL (ACS)
c. Sign On URL (ACS)
d. Subdomain
e. Team ID

Test your connection on Stormboard

  1. Go to https://[your-subdomain].stormboard.com/

  2. Click Continue

Testing connection on Stormboard

 

3. Stormboard uses just-in-time provisioning if the user does not have an account one will be created

Notes

The following SAML attributes are supported:

  • FirstName: user.firstName
  • LastName: user.lastName
  • Email: user.userName

 

Also See: