OneLogin SSO/SAML Integration – Ironclad Help Center

Setting Up OneLogin in Ironclad

Toggle to Ironclad and log in as an Admin
- Click on your name at the top right corner of the page > Company Settings

On the left hand bar, click Integrations > SAML Single Sign-On Configuration (under Other Integrations) > + Add SAML Configuration > Show Additional IdP Settings > copy the Callback URL

Paste the Callback URL into ACS (Consumer) URL*
In ACS (Consumer) URL Validator, convert the Callback URL in Regular Expression Format by doing the following:
- Start regular expression with ^ and end them with $
- Escape periods (.) and forward slashes (/), as demonstrated in the following example:
  - ^http:\/\/www.ironcladapp\.com\/saml\/account_id\/callback$
Once completed, scroll down the page to SAML nameID format and switch from Email to Unspecified

Click Parameters on the grey bar
- Click on Add Parameter (IMPORTANT: you will create three (3) new parameters)

In Field name, you will create one of each with the following camel format:
- email
- firstName
- lastName
In Flags, check Include in SAML assertion and click Save

In Value, click on the dropdown and identically match value to Name and click Save (in this example, email to Email)

Once all three (3) parameters are configured (as shown below), click Save next to More Actions

Click SSO on the grey bar and navigate to View Details hyperlink under X.509 Certificate

Toggle to Ironclad and either:
- Paste X.509 Certificate into Identity Provider Certificate, OR
- Upload downloaded X.509 Certificate by clicking Choose File under IdP Configuration XML

Once complete, toggle to OneLogin and click SSO on the grey bar
- Copy link under SAML 2.0 Endpoint (HTTP)

Toggle to Ironclad and paste the SAML 2.0 Endpoint (HTTP) in Entry Point

Your configuration is now complete! You can now add existing users to the application or invite new users.