This document will detail the process to configure the Deep Freeze Cloud so that users can log into the Deep Freeze Cloud site using credentials from OneLogin as an identity provider.
This document assumes that the person configuring Deep Freeze Cloud is familiar with OneLogin and has already configured the appropriate user credentials in their environment and that they have signed up for a Deep Freeze Cloud Account.
- Login to the OneLogin Console
- Click on Administration
- Click on Applications
- Click on Add App
- Under Search enter SAML and select “SAML Test Connector (Advanced)”
- Specify Display name and click Save
- Under More Actions click on SAML MetaData to download MetaData
- Go to Deep Freeze Cloud Console
- Under User Management select SAML Integration
- Under Identity Provider Setup select Upload IdP Metadata, using Browse pick the file downloaded in step #7 and click on Next
- Under Attribute Mapping keep default settings to use email unless some other custom attribute is configured under OneLogin console. In this case select “Use Custom Attribute instead of NameID for uniquely identifying a user.” and provide a custom attribute.
- Under Settings enter the Login Domain which will be used to login to Cloud Console and specify User Roles which will be assigned on the first login.
By default Administrator role is assigned to the user. Users will have access to all sites under the Organization (this could be changed later under the User Management to desired). Click Save
- Under the Service Provider Configuration tab click on Copy for Audience URL
- Switch to OneLogin console, under Configuration insert copied link into Audience (EntityID)
- Go back to Deep Freeze Cloud Console and copy the link from Assertion Consumer Url
- Switch to OneLogin Console and insert the same copied link under three following places:
ACS (Consumer) URL Validator*
ACS (Consumer) URL*
- Switch to the SSO tab, select SHA 256 under SAML Signature Algorithm, and click Save
- Under OneLogin console switch to the User page
- Select user which will be using OneLogin to login to Deep Freeze Console
- Switch to the Applications tab and click on ‘+’
- Select the application that had been created and click Continue
- The edit window will be shown. Click Save there
- Click on Save User
- Setup is configured now. Go to Deep Freeze Cloud console login page and select SAML as the login option, and under Domain Identifier specified name from step #12:
- The user will be prompted to provide OneLogin credentials, and after providing proper credentials user will be logged in to DF Console