Configuring OneLogin as Identity Provider

Configuring OneLogin as Identity Provider


  • Log in your OneLogin domain and click Applications under the Applications tab.



  • In the displayed page, click Add App.



  • Search for SAML from the search box and select SAML Test Connector (Advanced) from the search results.




  • Provide a Name and upload a Logo for your application.

  • Click Save.



  • Go to the Configurations tab and enter the details as given below.


Field Name


ACS (Consumer) URL Validator

Assertion Consumer URL in SupportCenter Plus

ACS (Consumer) URL

Assertion Consumer URL in SupportCenter Plus

Single Logout URL

Single Logout Service URL in ServoiceDesk Plus

Audience (Entity ID)

Entity ID in SupportCenter Plus



  • Select the required SAML nameID format from the drop-down. SupportCenter Plus supports the following formats:

    • Email: Choose this if you want to login using the email address configured in SupportCenter Plus.

    • Transient/Persistent: Choose this format if you want to login using the login name configured in SupportCenter Plus.

    • Unspecified: Choose this if you want to login using the User Principal Name of your Active Directory account imported into SupportCenter Plus.

  • Click Save.



  • Open the Parameters tab.

  • Click NameID value. In the displayed drop-down, choose the required value for the NameID format selected in the previous screen using the following pointers:

    • For Email format, select Email as the value.

    • For Persistent/Transient formats, select an option that returns the value in the format <DOMAIN\username>.

      Alternatively, select Macro to configure a custom option to achieve the same. The syntax can be found here.

    • For Unspecified format, select userPrincipalName as the value.


i.  Dynamic User Addition in SupportCenter Plus is supported only for Persistent/Transient nameID formats.

ii. The NameID value configured in OneLogin should match that of SupportCenter Plus. Otherwise, redundant user addition might take place.




  • Under the SSO tab, you will find the IdP details to be entered in the SupportCenter Plus application.

  • Enter the details as given below.


SupportCenter Plus Attribute

OneLogin Attribute

Login URL

SAML 2.0 Endpoint

Logout URL

SLO Endpoint



  • To download the Certificate, click the View Details option under X.509 Certificate.

  • Choose the certificate format as X.509 PEM/X.509 DER and click Download.



  • You can assign the application to various users under the Users tab.



You have now configured SupportCenter Plus as a service provider in OneLogin.

Go to the SAML configuration page in SupportCenter Plus and provide the IdP details to complete the integration.

    • Related Articles

    • Configuring Azure as the Identity Provider

      To enable users from Azure Active Directory to access the SupportCenter Plus application via SAML authentication, you must configure SupportCenter Plus as an enterprise application in Azure. Follow the steps given below to configure SupportCenter ...
    • Configuring ADFS 3.0 as the Identity Provider

      Before you start the configuration process, make sure that the SupportCenter Plus application is running in the HTTPS mode. Then, configure SupportCenter Plus as a Relying Party Trust (RPT). This can be done either manually or using the metadata ...
    • Configuring Okta as the Identity Provider

      Log in to your Okta domain. Go to the Applications >> Add Application.     Click Create New App.     From the displayed dialog box, choose SAML 2.0 as the sign-on method. Click Create.     In the next window, provide a Name for your application. ...
    • Configuring Database

      In GUI Setups Configuring Database Server SupportCenter Plus is bundled with PostgreSQL database. You can also configure the application to set up MS SQL database. PostgreSQL 1. Go to <SupportCenter_Plus_Home>\bin directory in the command prompt and ...
    • SAML Authentication

      SAML Authentication   Security Assertion Markup Language(SAML) brings an easier alternative to conventional sign-in methods already available for online services. Users will no longer have to provide passwords specific to each service they access. ...