Pricing  Get Quote
 
 

Knowledge Base

Self Service Password Management » Knowledge Base

How to enable SAML-based SSO for ADSelfService Plus using OneLogin?

Solution

If SSO is enabled, whenever a user who is already logged in to OneLogin tries to access ADSelfService Plus, the user will be granted access without having to enter their credentials again. If the user is not logged onto OneLogin and attempts to log in to ADSelfService Plus' console, the user will be redirected to OneLogin to verify their identity. Upon successful authentication, OneLogin will grant access to the ADSelfService Plus portal.

Prerequisite

If you do not find ADSelfService Plus in OneLogin's list of supported applications, follow these steps to add it to the list.

Log in to your OneLogin account with admin credentials and navigate to ADSelfService Plus from the list of applications supported. Either download the Metadata in XML format, or get the required data by copying the Issuer URL/Entity ID, IdP Login URL, IdP Logout URL, and the X.509-certificate. 

Configuration steps in ADSelfService Plus

  1. Log in to the ADSelfService Plus web console with admin credentials.
  2. Navigate to the Admin tab → Logon SettingsSingle Sign On.
  3. Check the Enable SSO checkbox to enable single sign-on for ADSelfService Plus.

    sso-logon-settings

  4. Click the SAML Authentication radio button to enable SAML configuration for your users to log in to ADSelfService Plus portal using their OneLogin credentials.
  5. Select OneLogin in the Select IdP drop-down box.

    onelogin-identity-provider-configuration

  6. There are two SAML Configuration Modes: Upload Metadata File and Manual Configuration.
    • Select Upload Metadata File if you have downloaded the metadata file.
      1. Click Browse to upload the metadata file downloaded from OneLogin.  
    • Select Manual Configuration to configure the URLs and certificates manually.
  7. Enter the Issuer URL/Entity ID URL copied from OneLogin.
  8. In the IdP Login URL, enter the Login URL copied from OneLogin.
  9. In the IdP Logout URL, enter the Logout URL copied from OneLogin.

    sso-saml-authentication-setting

  10. In the space provided for X.509-Certificate, enter the public certificate key copied from OneLogin.
  11. Click Save.

Like this tip? Get the most out of ADSelfService Plus by checking out more tips and tricks here.

Request for Support

Need further assistance? Fill this form, and we'll contact you rightaway.

  • Name
  •  
  • Business Email *
  •  
  • Phone *
  •  
  • Problem Description *
  •  
  • Country
  •  
  • By clicking 'Submit' you agree to processing of personal data according to the Privacy Policy.
Highlights of ADSelfService Plus

Password self-service

Allow Active Directory users to self-service their password resets and account unlock tasks, freeing them from lengthy help desk calls.

One identity with single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications using their Active Directory credentials.

Password and account expiry notification

Intimate Active Directory users of their impending password and account expiry via email and SMS notifications.

Password synchronization

Synchronize Windows Active Directory user passwords and account changes across multiple systems automatically, including Microsoft 365, Google Workspace, IBM iSeries, and more.

Password policy enforcer

Strong passwords resist various hacking threats. Enforce Active Directory users to adhere to compliant passwords by displaying password complexity requirements.

Directory self-update and corporate directory search

Enable Active Directory users to update their latest information themselves. Quick search features help admins scout for information using search keys like contact numbers.

« Home
Knowledge Base »

ADSelfService Plus trusted by

Embark on a journey towards identity security and Zero Trust
Password management Adaptive MFA Enterprise SSO Self-service & security Related products