What you'll learn in this article: If your company uses OneLogin as an identity provider under SAML 2.0, you can easily set up SSO on your own.
Setting up a new SSO integration for OneLogin with SAML
- You need to have admin rights in both TravelPerk and OneLogin to be able to set this up
- Both TravelPerk and OneLogin need to be open and accessible to finalize the integration
To configure a new SSO integration, follow these steps:
- Go to Company settings > Integrations > SSO
- Click on Set up
- Click on SAML and create a New Integration
Once you've created a New integration, you'll need to configure it:
- Open your OneLogin admin console → Administration → Applications → Add App
- Search for TravelPerk SAML 2.0 and click on it
- If you'd like, you can add a description for your new SAML app to quickly identify it. Click on Save.
Inside your OneLogin Administration page, on the left, click on the SSO section:
From your OneLogin configuration to TravelPerk:
- Copy Issuer URL and paste it to IdP entity ID
- Copy SAML 2.0 Endpoint (HTTP) and paste it to IdP SSO service URL
- In X.509 Certificate, click on View Details and copy the x509 cert and paste it into the IdP x509 cert
Inside your OneLogin Administration page, on the left, click on the Configuration section:
From TravelPerk to your OneLogin app configuration:
- Copy SP entity ID and paste it in Audience (entity ID)
- Copy SP Assertion Consumer Service URL and paste it in Recipient, ACS (Consumer) URL Validator, and ACS (Consumer) URL. Paste the same value in all of them
- Save
If you are interested in knowing the attribute mapping, go to your OneLogin Administration page, on the left, click on the Parameters section.
You'll finish setting it up once you Save it in OneLogin and Create integration in TravelPerk.
Remember! In OneLogin, you will need to assign people or groups who need to access TravelPerk. If you don't add them, they won't be able to access TravelPerk via OneLogin.
Optional next steps
There are other features you can take advantage of when enabling SSO for your company. You will find the configuration screen once you have clicked on Create integration and the integration was created successfully:
- Create users when they sign in. If you ever wonder if all your employees have access to TravelPerk, turn this on and we will create the user on the fly. We won't create a user if the person doesn't have access to the app from OneLogin.
- Update users when they sign in. We'll match TravelPerk's information to the information received by the IdP.
- Customize your sign in button
See more information in Advanced SSO Settings