Step 1: Create a SAML Connector

Go to your OneLogin Administration portal click Apps menu > Add Apps.

Search for and select SAML Test Connector (IdP). Type should be SAML 2.0.

Edit Display Name as desired, for example “Red Canary Portal” and Save.

Configuration tab:

  • Audience: https://my.redcanary.co
  • Recipient: https://<your_domain>.my.redcanary.co/saml_sp/consume
  • ACS (Consumer) URL Validator: https://<your_domain>.my.redcanary.co/saml_sp/consume
  • ACS (Consumer) URL: https://<your_domain>.my.redcanary.co/saml_sp/consume

Parameters tab, click Add Parameter:

  • Field Name: Email
  • Check Include in SAML assertion

Save all changes in OneLogin. Click the SSO tab in OneLogin to find the values you will need to enter into the Red Canary Portal.

Step 2: Configure your Red Canary Portal

Go to Administration > Single Sign-On.

  • Check This SSO configuration should be active
  • In the OneLogin SSO tab, under the X.509 certification, click View Details
  • In the certification screen, click the Download button
  • After the file downloads, open with a text editor 
  • Copy the entire text of the file, and paste it in the Red Canary field marked Identity Provider X509 Cert (Base64 encoded)
  • In OneLogin, navigate back to the SSO tab for your app
  • In OneLogin, copy the contents of the field marked SAML 2.0 Endpoint (HTTP) and paste it in the Red Canary Portal field marked Identity Provider SSO Target URL
  • In OneLogin, copy the contents of the field marked SLO Endpoint (HTTP) and paste it in the Red Canary Portal field marked Identity Provider SLO Target URL
  • In OneLogin, copy the contents of the field marked Issuer URL and paste it in the Red Canary Portal field marked Identity Provider Entity ID
  • Enter “Email” in the Red Canary Portal field Email Attribute 
  • Save

That's it! Setting up SAML can be a giant pain in the butt, so if you have any issues, email us at support@redcanary.com.

Did this answer your question?