Configure SSO with OneLogin
OneLogin SSO for Forest Admin
Last updated
OneLogin SSO for Forest Admin
Last updated
You must have one project in your organization with the plan Forest Admin Pro plan to access this feature.
In your OneLogin admin dashboard, click Add app
Select SAML Custom Connector (Advanced) and follow the wizard.
In the Configuration section, enter all required parameters as shown in the tab bellow.
Navigate to SSO section, and copy the Issuer URL head to Forest Admin, select XML file upload or XML file endpoint and paste the Issuer URL to the Metadata XML endpoint.
You can perform some tests before enabling it for your whole company..
ACS URL*
Assertion Consumer Service URL is responsible for receiving the SAML response
https://api.forestadmin.com/api/saml/callback
ACS Consumer) URL Validator*
URL Validator
^https://(api|app).development.forestadmin.com/.*$
Logout URL
Redirected to this location after logout
https://app.forestadmin.com/login
SAML nameID format
Should be the email address used on Forest Admin accounts
Select Email
Audience (EntityID)
A globally unique name
forestadmin-OrganizationName
(Optional) RelayState
{"organizationName": "<OrganizationName>", "destinationUrl": "organization.projects"}
You can find more info on IDP-initiated login here
Check the steps below this if you encounter an issue:
Double check all information (endpoints, certificate expiration dates, etc..)
Make sure the nameID configured on your Identity Provider is the email address used on Forest Admin accounts
Only useful for
