Onelogin doesn’t provide automatic setup of SAML applications by uploading the Service Provider Meta Data. This small tutorial will guide you through the necessary steps to get Instana integrated with Onelogin as a SAML app.
- You will require administrator privileges in Onelogin.
- Please open the SAML configuration page in Instana as you will be copy pasting some values between there and Onelogin. (See Option 2: Manual Setup in the dialog)
First thing to do is to go to the application perspective in Onelogin by selecting it from the menu bar and then clicking
Add App button on the right.
Now search for
SAML and select
SAML Test Connector (IdP w/ attr w/sign response).
After selecting the template you will be prompted with a screen where you can fill in the name of your application.
You are free to pick a name/image since these values have no impact on the actual SAML login flow.
After filling everything in click on
Configuration to start the actual SAML configuration.
This screen now contains all the fields required to interact with Instana. Copy the appropriate values from the Instana
SAML configuration page into the appropriate fields, then hit save.
Note: Yes, the
.* in the
ACS (Consumer) URL Validator is required.
Almost done. After saving everything we now have an Instana SAML application in Onelogin. The only thing left to do is to transfer the IdP-Metadata from Onelogin to Instana.
To do so select the
More Actions dropdown and select SAML Metadata. Store the downloaded file and upload it in the
Instana SAML configuration page.
With SAML enabled this is now the only way for your users to access Instana.
To actually enable users they have to get the SAML app assigned to them.
Use your regular flow to associate a given app with a user so they get access.
NOTE: Make sure that every user has an associated eMail-address.
Each new user will receive the default role when first logging in.