How To Set Up Your Own OneLogin App (SAML)

Last updated 09/22/2022

Step 1

Log in to your OneLogin account.


Step 2

Navigate to the Administration panel, then go to the Applications tab.


Step 3

Click Add App at the top right of the page.


Step 4

  • Search for: SAML Custom Connector
  • Click on SAML Custom Connector (Advanced) to add it.
Step 4

Step 5

For Display Name, enter your organization's name and click "Save".

Step 5

Step 6

Go to Configuration in the left menu, and enter the following information:

  • For the ACS (Consumer) URL Validator field, enter:

    https:/\/\api.breadbutter.io/\callback

  • For the ACS (Consumer) URL field, enter:

    https://api.breadbutter.io/callback

  • Click Save.
Step 6

Step 7

  • Go to Parameters in the left menu, and click the "+" to add parameters
  • Add the following parameters:
    • Field name: FirstName and value: First Name
      • check "Include in SAML assertion"
    • Field name: LastName and value: Last Name
      • check "Include in SAML assertion"
    • Field name: Email and value: Email
      • check "Include in SAML assertion"
    • Field name: PersonImmutableID and value: Onelogin ID
      • check "Include in SAML assertion"
  • Click "Save"
Step 7

Step 8

Go to SSO in the left menu, and take note of the following information:

  • Issuer URL
  • SAML 2.0 Endpoint (HTTP)
  • X.509 Certificate (View Details)

Step 9

Go to Users, and add your users to the App.


Step 10

Bread & Butter Setup:

  1. Go to https://app.breadbutter.io/sign-in/
  2. Click Sign In and authenticate (or Sign Up make a new account and authenticate).
  3. Go to Tools in the left menu.
  4. Click on the OneLogin button under Enterprise Identity Providers.
  5. Choose SAML for the protocol.
  6. Enter a name.
  7. Enter a description (optional).
  8. Enter the Issuer URL & SAML 2.0 Endpoint (HTTP) from the OneLogin setup steps above.
  9. Enter the X.509 Certificate from the OneLogin setup steps above. Do not include -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.
  10. Click Save & close.
  11. Enable OneLogin by clicking the new entry in the OneLogin Identity Providers list.
Step 10