OneLogin
  • 19 Feb 2025
  • 2 Minutes to read
  • Dark
    Light

OneLogin

  • Dark
    Light

Article summary

OneLogin is an identity and access management (IAM) platform that offers single sign-on (SSO), multi-factor authentication (MFA), user   provisioning, and directory integration. It helps organizations securely manage user access to applications and data. More information can be found  at Onelogin website.

Integration Method: API

Tables: Account Change (3001), Application lifecycle (6002), Authentication (3002), User Access Management (3005), User Inventory Info (5003).

List of events supported by this integration.

Events

Description

Events

Retrieve a list of events.

Apps

Retrieve a list of applications.

Users

Retrieve a list of users along with their role details, manager details, and manager's role details.

User Apps

Retrieve a list of user applications along with user details.

User MFA Devices

Retrieve a list of user devices along with user details.

This integration supports the following versions

Onelogin API version

v1.0 & v2.0

This integration has been tested with OneLogin APIs, using version v1.0 for Events and version v2.0 for Apps, Users, User Apps, and User MFA Devices.

Prerequisites

  • User should have access to the OneLogin Administration Portal using the user account credentials having Super User privileges.

  • User should have access to the DataBee console.

Configuration Overview

  1. Generate API credentials on the OneLogin console with the required scopes

  2. Create Onelogin Data Feed in the DataBee console with the required Client credentials.

DataBee Feed Parameter

Onelogin Parameter

Client Key

Client ID

Client Secret

Client Secret

Token URL: <Instance>

Onelogin Instance

API Base URL: <Instance>

Onelogin Instance

OneLogin Configuration

  1. Log on to OneLogin Administration Portal using the user account credentials with Super User privileges.

  2. Get the Onelogin instance from the URL as highlighted below.

  1. Navigate to Developers > API Credentials. The API Access page window will appear.

  1. On API Access page, click on the New Credentials button. The Create new API credential form will pop up.

  1. On Create new API credential form:

    1. Enter an appropriate name for the API credentials.

    2. Select Read all option. Click on the Save button.

  1. Once it is successfully saved, you will see the Client ID and Client Secret credentials in the popup.

    1. Copy these credentials for later use.

    2. Click on the Done button to complete credentials creation process

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.

  1. Search for the OneLogin and select it.

  1. Click on the API Ingest.

  1. Enter basic contact information in the contact form and click on the Next button.

  1. In the configuration dialog, enter the following:

    • API Base URL: Replace the <instance> placeholder with your Onelogin instance

    • Client Key: Paste the Client ID generated previously

    • Client Secret: Paste the Client Secret generated previously

    • Token URL: Replace the <instance> placeholder with your Onelogin instance

    • Select the event types. It is prepopulated with all supported event types.

  2. Click Submit

Troubleshooting Tips

  • Verify Client Credentials and Instance

Ensure the client key, client secret, and instance URL are correctly pasted. Since the client key and secret are only visible at the time of creation, recreate them if needed. Copy the newly generated credentials to a text editor to check for extra spaces or unexpected characters.

Once verified, reconfigure the DataBee feed with the correct credentials.

  • Verify OneLogin Scope

Check that the OneLogin API credentials have the necessary scope. If needed, update the API credentials' scope in the OneLogin Console, save the changes, and retry the integration.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence