- 19 Feb 2025
- 2 Minutes to read
- Print
- DarkLight
OneLogin
- Updated on 19 Feb 2025
- 2 Minutes to read
- Print
- DarkLight
OneLogin is an identity and access management (IAM) platform that offers single sign-on (SSO), multi-factor authentication (MFA), user provisioning, and directory integration. It helps organizations securely manage user access to applications and data. More information can be found at Onelogin website.
Integration Method: API
Tables: Account Change (3001), Application lifecycle (6002), Authentication (3002), User Access Management (3005), User Inventory Info (5003).
List of events supported by this integration.
Events | Description |
Events | Retrieve a list of events. |
Apps | Retrieve a list of applications. |
Users | Retrieve a list of users along with their role details, manager details, and manager's role details. |
User Apps | Retrieve a list of user applications along with user details. |
User MFA Devices | Retrieve a list of user devices along with user details. |
This integration supports the following versions
Onelogin API version | v1.0 & v2.0 |
This integration has been tested with OneLogin APIs, using version v1.0 for Events and version v2.0 for Apps, Users, User Apps, and User MFA Devices.
Prerequisites
User should have access to the OneLogin Administration Portal using the user account credentials having Super User privileges.
User should have access to the DataBee console.
Configuration Overview
Generate API credentials on the OneLogin console with the required scopes
Create Onelogin Data Feed in the DataBee console with the required Client credentials.
DataBee Feed Parameter | Onelogin Parameter |
Client Key | |
Client Secret | |
Token URL: <Instance> | |
API Base URL: <Instance> |
OneLogin Configuration
Log on to OneLogin Administration Portal using the user account credentials with Super User privileges.
Get the Onelogin instance from the URL as highlighted below.
Navigate to Developers > API Credentials. The API Access page window will appear.
On API Access page, click on the New Credentials button. The Create new API credential form will pop up.
On Create new API credential form:
Enter an appropriate name for the API credentials.
Select Read all option. Click on the Save button.
Once it is successfully saved, you will see the Client ID and Client Secret credentials in the popup.
Copy these credentials for later use.
Click on the Done button to complete credentials creation process
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for the OneLogin and select it.
Click on the API Ingest.
Enter basic contact information in the contact form and click on the Next button.
In the configuration dialog, enter the following:
API Base URL: Replace the <instance> placeholder with your Onelogin instance
Client Key: Paste the Client ID generated previously
Client Secret: Paste the Client Secret generated previously
Token URL: Replace the <instance> placeholder with your Onelogin instance
Select the event types. It is prepopulated with all supported event types.
Click Submit
Troubleshooting Tips
Verify Client Credentials and Instance
Ensure the client key, client secret, and instance URL are correctly pasted. Since the client key and secret are only visible at the time of creation, recreate them if needed. Copy the newly generated credentials to a text editor to check for extra spaces or unexpected characters.
Once verified, reconfigure the DataBee feed with the correct credentials.
Verify OneLogin Scope
Check that the OneLogin API credentials have the necessary scope. If needed, update the API credentials' scope in the OneLogin Console, save the changes, and retry the integration.