Single Sign On allows your staff to have one password for all their applications, and avoid the need to log on separately to different systems. This guide steps through the process of setting up Single Sign On for Leave Dates using OneLogin.
How to Configure Single Sign-On with OneLogin
- Log into Leave Dates using your admin account.
- Navigate to the Settings > Integrations page
- Click the Add Provider button within the Single Sign On section
- Provide a Subdomain for the login process (eg. https://companyname.leavedates.com). Choose something memorable and easy to type, such as companyname. It will be used later to automate the login process. You cannot change this later so choose wisely!
- Press Continue and a new form will appear.
- Open a new tab in your browser and log in to your OneLogin account. Navigate to the Admin dashboard. You will be using the Leave Dates tab again later.
- Select Apps and Add App to add a new app.
- Search for “OpenId Connect” or “oidc” then select the OpenId Connect (OIDC) app
- Name the app Leave Dates and click Save.
- Go to the SSO tab, and take note of the URL shown next to Issuer URLs V2. It will be in the form https://companyname-dev.onelogin.com/oidc/2 This will be used later in the setup process as the Base URL.
- In the same sheet, copy the Client ID and the Client Secret.
- Revert back to the Leave Dates browser tab and select OneLogin as the Provider
- Enter the Base URL as previously recorded in step 10.
- Paste in the Client ID and Client secret (Copied earlier in step 11)
- Press Create
- An entry will be added to the table, as shown below.
- Copy the LOGIN URL and CALLBACK URL values from this table.
- Back in OneLogin, go to the Info page and upload the below images:
- Press Save to save the configuration.
- In the Configuration page, paste the LOGIN URL copied from step 17, into the Login Url field.
- In the Configuration page, paste the CALLBACK URL copied from step 17, into the Redirect Url field.
- Press Save to save the configuration.
- Everything is now configured to allow you to log in to Leave Dates using OneLogin SSO.
Further considerations
- Users will need to be created in Leave Dates using the same email address as configured for OneLogin.
- Users will need to be invited to use Leave Dates by an admin user, and create an account in Leave Dates using the non-SSO approach (which includes creating a password). This gives them the flexibility to use password login as well if they choose. Users can only log in using SSO once an account has been created in Leave Dates.
- Users will need to be assigned to the Leave Dates application within the OneLogin Portal. This can be performed in the Users area of the application.
- The Login URL link shown in the table in step 16 above can be used as a direct link for logging into Leave Dates using Single Sign On.
- Alternatively, the user can also log in via OneLogin using by clicking Log In on the Leave Dates website, followed by clicking Sign in with SSO and entering the company subdomain (created in step 4 earlier).
- Logging out from OneLogin will not log you out from Leave Dates.