To enable single sign-on (SSO) with SAML for Umbrella, you must first add the OneLogin application for Umbrella to your organization, then follow a step-by-step wizard to complete the process in Umbrella.
- Navigate to Admin > Authentication.
- In the SAML Dashboard User Configuration section, click Enable SAML.
- Select OneLogin and click Next.
- From the Instructions tab, follow instructions as listed. You'll be asked to provide the provider metadata.
- To configure OneLogin for Umbrella to gather the metadata, log into your OneLogin dashboard as the user you want to configure for Umbrella and go to the Admin tab.
Note: You must log into both dashboards with the same user —email address—or these steps will fail.
- Click Add Application and then Find Apps.
- Search for "OpenDNS" and add the application named OpenDNS with SAML 2.0 next to it. Save the app and keep the defaults for General Settings.
- Select the defaults for setup steps 1 through 4 (change opendns.com to umbrella.com. For example, https://login.umbrella.com/sso), verifying the attribute mapping and then click Save & Publish.
- At Step 5 - Review, click Download next to SAML Metadata and save the onelogin-metadata-idp.xml file.
- Ensure all users that will need to log in to your Umbrella dashboard now or in the future have the OpenDNS application assigned to their Ping account. All users must have access to the OpenDNS application or they will not be able to log in. Save the configuration.
- Once you've completed the application setup, return to Umbrella, navigate to Settings > Authentication and proceed to step 3 Upload Metadata.
- Click Choose File, select the metadata file you downloaded from Ping Identity and click then Next.
- Click Test Your SAML Configuration and enter the Umbrella email for your current logged in user that was added to the Ping Identity application. After the test completes, a success message should be displayed.
Updated 2 months ago