Other documentations Demo Community

Configure SSO with OneLogin

OneLogin SSO for Forest Admin

You must have one project in your organization with the plan Forest Admin Pro plan to access this feature.

Configuration

  1. In your OneLogin admin dashboard, click Add app

  2. Select SAML Custom Connector (Advanced) and follow the wizard.

  3. In the Configuration section, enter all required parameters as shown in the tab bellow.

  4. Navigate to SSO section, and copy the Issuer URL head to Forest Admin, select XML file upload or XML file endpoint and paste the Issuer URL to the Metadata XML endpoint.

  5. You can perform some tests before enabling it for your whole company..

SettingDescriptionValue

ACS URL*

Assertion Consumer Service URL is responsible for receiving the SAML response

https://api.forestadmin.com/api/saml/callback

ACS Consumer) URL Validator*

URL Validator

^https://(api|app).development.forestadmin.com/.*$

Logout URL

Redirected to this location after logout

https://app.forestadmin.com/login

SAML nameID format

Should be the email address used on Forest Admin accounts

Select Email

Audience (EntityID)

A globally unique name

forestadmin-OrganizationName

(Optional) RelayState

Only useful for IDP-initiated login

{"organizationName": "<OrganizationName>", "destinationUrl": "organization.projects"}

IDP-initiated login

You can find more info on IDP-initiated login here

Troubleshooting

Check the steps below this if you encounter an issue:

  • Double check all information (endpoints, certificate expiration dates, etc..)

  • Make sure the nameID configured on your Identity Provider is the email address used on Forest Admin accounts

PreviousConfigure SSO with Okta

Last updated