Overview

This document will detail the process to configure the Deep Freeze Cloud so that users can log into the Deep Freeze Cloud site using credentials from OneLogin as an identity provider.

Requirements

This document assumes that the person configuring Deep Freeze Cloud is familiar with OneLogin and has already configured the appropriate user credentials in their environment and that they have signed up for a Deep Freeze Cloud Account.

Process

1. Login to the OneLogin Console
2. Click on Administration
   
3. Click on Applications
   
4. Click on Add App
   
5. Under Search enter SAML and select “SAML Test Connector (Advanced)”
   
6. Specify Display name and click Save
   
7. Under More Actions click on SAML MetaData to download MetaData
   
8. Go to Deep Freeze Cloud Console
9. Under User Management select SAML Integration
   
10. Under Identity Provider Setup select Upload IdP Metadata, using Browse pick the file downloaded in step #7 and click on Next
    
11. Under Attribute Mapping keep default settings to use email unless some other custom attribute is configured under OneLogin console. In this case select “Use Custom Attribute instead of NameID for uniquely identifying a user.” and provide a custom attribute.
    
12. Under Settings enter the Login Domain which will be used to login to Cloud Console and specify User Roles which will be assigned on the first login.
    
    By default Administrator role is assigned to the user. Users will have access to all sites under the Organization (this could be changed later under the User Management to desired). Click Save
13. Under the Service Provider Configuration tab click on Copy for Audience URL
    
14. Switch to OneLogin console, under Configuration insert copied link into Audience (EntityID)
    
15. Go back to Deep Freeze Cloud Console and copy the link from Assertion Consumer Url
    
16. Switch to OneLogin Console and insert the same copied link under three following places:
    Recipient
    ACS (Consumer) URL Validator*
    ACS (Consumer) URL*
    
17. Switch to the SSO tab, select SHA 256 under SAML Signature Algorithm, and click Save
    
18. Under OneLogin console switch to the User page
    
19. Select user which will be using OneLogin to login to Deep Freeze Console
    
20. Switch to the Applications tab and click on ‘+’
    
21. Select the application that had been created and click Continue
    
22. The edit window will be shown. Click Save there
    
23. Click on Save User
    
24. Setup is configured now. Go to Deep Freeze Cloud console login page and select SAML as the login option, and under Domain Identifier specified name from step #12:
    
25. The user will be prompted to provide OneLogin credentials, and after providing proper credentials user will be logged in to DF Console