OneLogin SAML setup

How to set up Kolide's SAML / SSO Sign-in

Antigoni Sinanis avatar
Written by Antigoni Sinanis
Updated over a week ago

Follow these steps for integrating with OneLogin after completing the steps in Kolide's SAML / SSO Sign-in document.

For more instructions on how to set up SAML with OneLogin, please refer to their help doc.

Log in to your OneLogin account.
Select "Applications", click on the blue button that says "Add App", and search for "SAML Test Connector". Select this.

From here, you will want to change the "Display Name" (e.g. 'Kolide' or 'Kolide K2'), and add a description.

May we suggest the following?

Kolide is a user focused security platform which your team uses to inform users
when their device has issues that affect system stability or security

And for a logo, feel free to use this one:

Click "Save".

On the left hand menu, select "Configuration".
In the red boxed areas below, you will want to copy and paste the following:

  • In "Audience", paste your unique Kolide Issuer URL

  • In "Recipient", paste your unique Kolide SSO URL

  • In "ACS (Consumer) URL Validator*", paste your unique Kolide SSO URL, prepending all slashes and periods a backslash. You'll also want to start with a ^ character and end with a $ (see example below in red text)

  • In "ACS (Consumer) URL*", paste your unique Kolide SSO URL

Next, you will need to select "SSO" from the left hand menu. Let's first copy the link provided under "SAML 2.0 Endpoint (HTTP)".

Paste this into your Kolide SAML / SSO page.

Once that is complete, click "View Details" to gather the Certification information. Click the "Copy to Clipboard" icon on the top right corner of the Certificate window. Paste this into your Kolide SSO Configuration page.

When you are finished, click "Save & Test SSO".

But wait. There's one more step!

You now have to go to your Security & Privacy page to enforce SAML / SSO.

Click "Save Changes", which will now make other sign in methods inaccessible.

Your team will see a message in their inbox letting them know of this change.

Now, when your team signs in, they will see this* (*Okta Logo used as an example):

BOOM! Now you're all set! Now get cracking :)

Did this answer your question?