Follow

OneLogin OAuth

This article will detail how you can use OneLogin OAuth with your FTP Today account.

You will need two browser windows/tabs for these steps.

Create the Identity Service at FTP Today

Log into your FTP Today Site.  Navigate to Settings…Authentication…Identity Service. Click on Add Service.

image001.png

 

Enter a name for the New Service and select “OneLogin OAuth” as the provider and Save.

image002.png

Create the Application at OneLogin

On your FTP Today Site, locate the configuration information.

image003.png

Log into your OneLogin site. Navigate to Applications and select Add App.

image004.png

In the Search field enter “SAML Test”, then select the “OpenId Connect (OIDC)”.

image005.png

Enter a name for the application, upload the icons you previously downloaded and Save.

image006.png

On your OneLogin site, select Configuration. Copy the values from your FTP Today site to the corresponding fields at OneLogin and Save.

image007.png

Select SSO and set the Token Endpoint to “POST” and Save.

image008.png

 

Configure the Identity Service at FTP Today

On your OneLogin site, select “SSO” and select “Show client secret”.  Locate the Client ID and Client Secret. Right-click the V2 Well-known Configuration and select Copy link.

image009.png

On your FTP Today Site, select “I want to use a Well-Known URL to set this configuration.” Paste well-known URL. Copy the Client ID and Client Secret from your OneLogin site, then Save.

image010.png

Assign the user to the application at OneLogin

Identify and select the user to have access to your FTP Today site

image011.png

Select Applications and click the “+” sign.

image012.png

Select your newly created app and Continue.

image013.png

 

Then Save.

image014.png

 

Add the user at FTP Today

In your FTP Today site, navigate to the Users area and select Add User.

image015.png

Enter the username as set up in the One Login service and select the OneLogin service you created.  Complete the rest of the fields as needed and Save.

image016.png

 

OneLogin supports an advanced security feature that offers further user verification. Your may register the user with a unique identifier from OneLogin.  In addition to matching the User Name to identify the user, we will match the OneLogin ID for that user. 

When setting up the user, navigate to the user at OneLogin, select User Info and locate the OneLoginID. Copy that value.

image017.png

Include that value as the IdP User Unique Identifier when you create the user.

image018.png

If the user already exists in your FTP Today site, you may change these settings on the Authentication tab for the user.

                User access through FTP Today

Navigate to the site and enter the username and click Next.

image019.png

 

There will be a brief “Authenticating” message. 

image020.png

If the user does not have an open session with OneLogin, they will have to authenticate.

image021.png

The user will now be logged into your FTP Today Site.

User access at OneLogin

Access the OneLogin portal.  On the home screen, the user can click on the FTP Today application.

image022.png

The user will be directed to the login page for your FTP Today site.  They will then enter their user name and be authenticated as above.

 

Ending the session

When done, the user may log out of the FTP Today site or allow the session to expire.  This will not log the user out of OneLogin or any other services authenticated through OneLogin. 

The user may also log out of OneLogin which will log the user out of your FTP Today Site. This will not close the browser window, but any action taken in the browser window will fail. After a short period, the browser window will reload to the login page.

The session timeout on the FTP Today Site may log the user out of the site even if they are still logged in at OneLogin.  In that case, after reentering their username they will be immediately authenticated to the site.