SSO implementation is available in the Enterprise plan only.

Step 1

Navigate to the Onelogin applications page, and click ADD APP, as illustrated below

Step 2

Search for SAML Test Connector in the Find Applications section. Select SAML Test Connector (IdP w/ attr w/ sign response) from the search results

Step 3

Update or rename the Display Name, and click SAVE.

Step 4

You are now in the Info tab. Click the Configuration tab. Enter your service provider details (which can be found on the configuration Identity provider page on your RandomCoffee platform) and the configuration here. Click SAVE to proceed.

Copy the Entity ID, and ACS URL from your service provider details and paste them into the corresponding fields. However, you need to copy this string ^https:\/\/app.random-coffee.com\/ and paste it into the “ACS (Consumer) URL Validator” field. Copy EntityID, Recipient, and ACS URL in *ACS (Consumer) URL, and set the ACS(Consumer) URL Validator to the value illustrated in the above screen.

Step 5

Navigate to the SSO tab in Onelogin and copy the Identity Provider SSO URL (Issuer URL), SAML 2.0 Endpoint (HTTP), and X.509 Certificate from here: Navigate the SSO tab in OneLogin and copy the Issuer URL as illustrated below:

Paste the metadata link in the browser and download the metadata file:

Step 6

Upload the metadata file in the Identity Provider Details page as illustrated below, Identity Provider SSO URL, Identity Provider Issuer, and X.509 Certificate will be automatically fetched & filled:

Add a display name & your company domains and save:

Select “Automatically add new users using this authentication method to my team" if needed, and click Save Authentication.

Step 7

Add the “first_name“ & “last_name“ fields as illustrated below:

Make sure “Include in SAML assertion“ is checked and click on Save:

Choose “First Name“ and Save:

Do the same for “last_name“.

Step 8

Please contact support@random-coffee.com if you have any questions.