How to set up SAML for Cobalt for OneLogin users
The OneLogin/Cobalt SAML integration currently supports the following features IdP-initiated SSO
1. Login to OneLogin with administrator privileges.
2. Go to Applications and press Add App.
3. Select the application “SAML Test Connector (Advanced)”:
4. Press Save to add the application and enable configuration of the application.
5. Go to the SSO tab and select SHA-256 as the signature algorithm:
6. Press Save.
7. Login to Cobalt.
8. Navigate to your Org level by clicking on your Org name
9. Select the Settings tab
10. In the Settings tab, press Authorization, then press Enable for SAML SSO:
11. Go back to OneLogin and copy the URL under Issuer URL:
12. Place the URL in the IDP ISSUER URL field in Cobalt:
13. Copy the SAML 2.0 Endpoint (HTTP) field value in OneLogin to the IDP TARGET URL field in Cobalt.
14. Under X.509 Certificate in OneLogin, press View Details:
15. Copy the X.509 Certificate:
16. Place it in the IDP CERTIFICATE field in Cobalt and press Save:
17. Copy your IdP RelayState in Cobalt:
18. Navigate to Configuration in OneLogin and paste your IdP RelayState into the RelayState field:
19. In the Audience field, place the following value:
20. In the Recipient, ACS (Consumer) URL Validator and ACS (Consumer) URL fields, place the following value:
21. Still on the Configuration tab, scroll down a bit until you find the following fields and make sure your configuration is matching the values in the picture:
22. Press Save to save your configuration in OneLogin.
23. Navigate to the Parameters tab in OneLogin and press the plus sign:
24. In Field name, insert email, check the Include in SAML assertion box and press Save:
25. In the Value selector, select Email and press Save:
26. In OneLogin, assign a user to your new application.
27. Log in as your assigned user in OneLogin and you will now see the SAML application on the dashboard. Press it and you will be logged in to Cobalt using SAML.