SSO with OneLogin
OneLogin is an online SSO service which can act as the IdP and has integrations into hundreds of online services. It has been tested to work with the Yondo SSO.
1. Sign up to a free account at onelogin.com.
2. Go to Apps -> Add Apps.
3. Search for ‘onelogin saml’.
4. Select ‘OneLogin SAML Test (IdP)’, enter a display name of your choice, and save.
5. In the configuration for the app added in the previous step, go to the SSO tab.
6. Here you’ll find the Certificate, SAML 2.0 Endpoint (HTTP) and SLO Endpoint (HTTP). (SLO stands for Single Log Out/Off, which allows your customers to log out of the IdP when they click the log out button in the Yondo store)
Here is an example of how your page will look like. (Please note: Your certificate will be specific to your account, not identical to the screenshot.)
7. In a separate browser tab, open your Yondo store maintenance. Go to Store Settings -> Customer SSO.
8. Change the SSO Type to ‘SAML’.
a. In OneLogin, click the ‘View Details’ link in the X.509 Certificate section.
b. Copy the Certificate contents starting with -----BEGIN CERTIFICATE----- and ending with -----END CERTIFICATE----- (include all the text including the begin/end sections).
c. Paste this text into the ‘Certificate’ field in the Yondo SSO Settings.
10. Authentication Endpoint Url:
a. In the OneLogin App settings, SSO Tab, copy the text in the ‘SAML 2.0 Endpoint (HTTP)’ field.
b. Paste this text into the ‘Authentication Endpoint Url’ field in the Yondo SSO Settings.
11. Logout Endpoint Url (optional):
Perform this step if you want your customers to be logged out of OneLogin, when they click the Log out button in your Yondo store. Some IdP’s may not provide this function so it is optional in Yondo.
a. In the OneLogin App settings, SSO Tab, copy the text in the ‘SLO Endpoint (HTTP)’ field.
b. Paste this text into the ‘Logout Endpoint Url (optional)’ field in the Yondo SSO Settings.
12. Click ‘Save’.