OneLogin

Introduction

This article outlines the steps to configure Auth0 as an identity provider.

By integrating with Auth0, Perimeter 81 can authenticate users seamlessly, leveraging the capabilities of the Security Assertion Markup Language (SAML) protocol.

Steps

1. Log in to your OneLogin account. If you don't already have one, you will need to create one.
2. Select Apps and then Add Apps.
   
3. Search for saml, and select SAML Test Connector (IdP w/attr).
   
4. Change the Display Name to Perimeter 81. Select Save.
   
5. Go to the SSO tab, and copy the values for SAML 2.0 Endpoint (HTTP) and SLO Endpoint (HTTP).
6. Select the View Details link at the X.509 Certificate field.
   
7. Download the X.509 certificate onelogin.pem.
   
8. Go back to the Configuration tab.
9. Enter the following values into the appropriate fields:

• Audience: urn:auth0:perimeter81:{{WORKSPACE}}-oc
  for example: acme.perimeter81.com workspace should translate to urn:auth0:perimeter81:acme-oc

• Recipient: https://auth.perimeter81.com/login/callback?connection={{WORKSPACE}}-oc

• ACS (Consumer) URL: https://auth.perimeter81.com/login/callback?connection={{WORKSPACE}}-oc

• ACS (Consumer) URL Validator field:https://auth.perimeter81.com/login/callback?connection={{WORKSPACE}}-oc

10. On the Parameters tab, select Add Parameter.

11. In the popup, set a name for your new custom attribute using the Field name text box. Make sure you check the Include in the SAML assertion flag. Select Save.
12. The new attribute you created is displayed. Select the Value field, which is currently displaying - No default.
13. Select the Value dropdown menu and select Macro.
14. Add the following set of properties:

• Field Name: email, Macro text box value: {email}, SAML assertion flag: Checked

• Field Name: given_name, Macro text box value: {firstname}, SAML assertion flag: Checked

• Field Name: family_name, Macro text box value: {lastname}, SAML assertion flag: Checked

At this point, we're ready to configure Perimeter 81.

Configuring Perimeter 81

1. Log in to your Perimeter 81 Management Platform, and navigate to Settings and then IdentityProviders.
   
2. Select + Add Provider.
3. Choose SAML 2.0 Identity Providers.
4. Fill Sign In URL, Signing Certificate as follows:

• The SAML 2.0 Endpoint (HTTP) value you saved above into the Sign In URL field

• The SLO Endpoint (HTTP) value into the Sign Out URL field.

• Finally, upload the onelogin.pem certificate using Upload Certificate.

5. Select Done.
   

Recommendations

• Always replace placeholders like {{WORKSPACE}} with the appropriate values during setup.
• Ensure that the correct attributes are mapped in OneLogin for accurate user authentication and authorization in Perimeter 81.
• Periodically review your OneLogin configuration settings to ensure they align with any updates or changes made within the Perimeter 81 platform

Troubleshooting

If you encounter issues during or after the setup, try reviewing your settings to ensure everything matches the instructions. In particular, check the IP addresses and other details you entered during setup. If issues persist, please consult our dedicated support.

Support Contacts

If you have any difficulties or questions, don't hesitate to contact Perimeter 81's support team. We offer 24/7 chat support on our website at Perimeter81.com, or you can email us at support@perimeter81.com. We're here to assist you and ensure your VPN tunnel setup is a success