Setting up SSO in Remote with OneLogin

Important: Before you can activate SSO, you must have at least one company domain verified. Domain verification is a required security step that proves ownership of your domain. For detailed instructions on domain verification, please refer to our SSO Domain Verification Guide and How can a company enable login via Single Sign-On for their company users? 

You can setup Single Sign-On for Remote through certain Identity providers (IdPs). To do this with OneLogin: 

1. Log in to your OneLogin Dashboard, and click on Applications, and then search for the SAML Custom Connector and click on it to add a new SAML app.
   
   
   
   
2. Set the Display Name and logos as you wish and then click on Save.
   
   
   
   
3. Go to the SSO tab to retrieve the information for the Certificate and the Identity Provider URL
   • To download the Certificate, click on View Details and then click on Download to download the onelogin.pem file.
   • The Identity Provider URL is the URL under SAML 2.0 Endpoint (HTTP).
     
     
     
4. On the Configuration tab, fill in the configuration generated from Remote’s SSO Settings page
   • ACS (Consumer) URL - the URL field from Remote
   • Audience (Entity ID) - the Audience field from Remote
   • ACS (Consumer) URL Validator - provide this regular expression: ****[-a-zA-Z0-9@:%.*\\+~#=]{2,256}\\.[a-z]{2,6}\\b([-a-zA-Z0-9@:%*\\+.~#?&//=]*)
     
     
5. On the Parameters tab, click on the plus sign to add a new parameter so the user’s email is available for authentication. The new parameter field name should be email, its value Email and the Include in SAML Assertion check needs to be enabled: