Link a OneLogin Application to Engage by Sailthru

This guide walks you through configuring a OneLogin application to enable SAML-based Single Sign-On from OneLogin for Engage by Sailthru. In this scenario, the OneLogin application is the SAML Identity Provider.

  1. In OneLogin click “Administration” and then select “Applications” from the “Applications” menu:
  2. Click “Add App” and search for “SAML”. Select “SAML Test Connector (IdP w/ attr w/ sign response)”:
  3. Change the “Display Name” of the app and toggle off the slider “Visible in portal”:
  4. Click Save.

Configure your new OneLogin application

  1. Decide the name of the SAML connection that will be used by Engage by Sailthru. This should be in the format of saml-<companyname>, e.g. saml-sailthru. In the following steps, you’ll insert this name in place of SAML_CONNECTION_NAME.
  2. Open the “Configuration” tab:
  3. Enter the following settings:
    1. urn:auth0:sailthru:SAML_CONNECTION_NAME as the value for the “Audience” field
    2. [-a-zA-Z0-9@:%.+~#=]{2,256}.[a-z]{2,6}\b([-a-zA-Z0-9@:%+.~#?&//=]*) as the value for the “ACS (Consumer) URL Validator” field
    3. as the value for the “ACS (Consumer) URL” field
  4. Go to the “Parameters” tab:
  5. Make sure that the user’s email address is specified as the SAML NameID attribute: Remember the email address sent from OneLogin must match the email address associated with the user within the Engage by Sailthru platform.
  6. Click the Plus icon and add SAML attribute:
  7. Click the Plus icon and add SAML attribute:
  8. Click the Plus icon and add SAML attribute as a macro field with the {firstname} {lastname} value:
  9. On the “Users” tab you can see the complete list of users who have access to the newly created OneLogin application:
  10. Go to the “SSO” tab and change “SAML Signature Algorithm” to “SHA-256”:
  11. On the “SSO” tab, download the X.509 certificate. For that click on the “View Details” link at the “X.509 Certificate” field and then download the X.509 certificate “onelogin.pem”.
  12. On the “SSO” tab, copy the value for “SAML 2.0 Endpoint (HTTP)”.

Pass configuration details to Engage by Sailthru

Once you have completed all these steps, please contact Support with the following details
  • SAML connection name
  • Identity Provider Single Sign-On URL
  • X.509 Certificate