Disclaimer: changing your domain will prohibit access to Ironclad. Please contact Support (support@ironcladapp.com) for assistance prior to migrating domains.
Setting Up OneLogin in Ironclad
- Log in to OneLogin as an Admin
- Click on your name in the top right corner of page and open Profile
- Hover over APPS in the top bar
- Click Add Apps
- In the search bar under Find Applications, type in SAML
- Click on SAML Test Connector (Advanced) SAML 2.0
- In Display Name, type Ironclad and click Save
- Toggle to Ironclad and log in as an Admin
- Click on your name at the top right corner of the page > Company Settings
- On the left hand bar, click Integrations > SAML Single Sign-On Configuration (under Other Integrations) > + Add SAML Configuration > Show Additional IdP Settings > copy the Callback URL
- Toggle back to OneLogin
- Click Configuration on the grey bar
- Paste the Callback URL into ACS (Consumer) URL*
- In ACS (Consumer) URL Validator, convert the Callback URL in Regular Expression Format by doing the following:
- Start regular expression with ^ and end them with $
- Escape periods (.) and forward slashes (/), as demonstrated in the following example:
- ^http:\/\/www.ironcladapp\.com\/saml\/account_id\/callback$
- Once completed, scroll down the page to SAML nameID format and switch from Email to Unspecified
- Click Parameters on the grey bar
- Click on Add Parameter (IMPORTANT: you will create three (3) new parameters)
- In Field name, you will create one of each with the following camel format:
- firstName
- lastName
- In Flags, check Include in SAML assertion and click Save
- In Value, click on the dropdown and identically match value to Name and click Save (in this example, email to Email)
- Once all three (3) parameters are configured (as shown below), click Save next to More Actions
- Click SSO on the grey bar and navigate to View Details hyperlink under X.509 Certificate
- Either copy and paste OR download X.509 Certificate
- Toggle to Ironclad and either:
- Paste X.509 Certificate into Identity Provider Certificate, OR
- Upload downloaded X.509 Certificate by clicking Choose File under IdP Configuration XML
- Once complete, toggle to OneLogin and click SSO on the grey bar
- Copy link under SAML 2.0 Endpoint (HTTP)
- Toggle to Ironclad and paste the SAML 2.0 Endpoint (HTTP) in Entry Point
- Click Save on the Ironclad SAML Integration Configuration page
Your configuration is now complete! You can now add existing users to the application or invite new users.