How can we help?

< Back
You are here:

SSO: OneLogin Integration

Create a OneLogin application

1. On the OneLogin portal page (, choose Administration.

2. At the top of the Administration page, pause on Apps, and then choose Add apps.

3. In the search bar under Find Applications, enter “saml”, and then choose SAML Custom Connector (Advanced)

4. (Optional) Do any of the following:
* For Display Name, enter a name and description. For example, “ERIN SAML”.
* For Rectangular Icon and Square Icon, upload thumbnail icons following the specifications on the page.
* For Description, enter a short summary description. For example, For Amazon Cognito user pool.

Edit your OneLogin application configuration

1. Choose Configuration.

2. On the Configuration page, do the following:
* For RelayState, enter
* For Audience, enter the Identifier (Entity ID) provided. Example: urn:amazon:cognito:sp:yourUserPoolId.
* Leave Recipient blank.
* For ACS (Consumer) URL Validator, enter the Reply URL (Assertion Consumer Service URL) provided. Example:
* For ACS (Consumer) URL, enter the Reply URL (Assertion Consumer Service URL) provided. Example:
* Leave Single Logout URL blank.

Edit your OneLogin application’s parameters

1. Choose Parameters.
Note: One parameter (NameID (fka Email)) is already listed—this is expected.
2. Choose Add parameter to create a new, custom parameter.
3. In the New Field dialog, for Field name, enter

4. For Flags, select the Include in SAML assertion check box.
5. Choose Save.
6. For Value, choose Email from the list.
7. Choose Save.
8. Repeat these steps for the following values and all other desired attribute mappings.
Field Name: Value: Last Name
Field Name: Value: First Name

Table of Contents