Home > General Administration > Managing Dashboard Access > Configuring SAML SSO with OneLogin

Configuring SAML SSO with OneLogin

Table of contents
No headers
This article provides an example walk-through of configuring OneLogin as an Identity Provider (IdP) for the Cisco Meraki Dashboard. It is recommended that administrators read the article on SAML integration for Dashboard before proceeding.

 

  1. Login to OneLogin as a user with permissions to create company apps.
  2. From the home page, click on APPS > Add Apps.
    a6201556-2f2f-48ea-ab33-1ebfc84759e4
  3. Search for 'meraki' and click on the Meraki app.
    1edbc90e-682c-4eb3-b43d-969e859f09b1
  4. On the initial configuration page:
    1. Under Personal or Organization App, choose the bubble for the organization.
      47e68cf1-054e-44e3-9d6a-91e15dc4e320
    2. Under Connectors, choose the bubble for SAML2.0.
      a646af6a-395d-4160-a27d-23833ec05a62
  5. Click Save.
    7452ae22-8242-4a43-863d-34156c750510
  6. On the Configuration tab, enter the SAML Consumer URL. This will be the Consumer URL from Organization > Settings > SAML Configuration in Dashboard.
    c55b6f60-a063-46f2-9eb6-226d0f0d73ba
  7. On the SSO tab, click on View Details under the X.509 Certificate.
    1bbbc58a-9650-46e3-851f-0b313acd4d20
  8. Copy the SHA1-Fingerprint and enter it in the X.509 cert SHA1 fingerprint field under Organization > Settings > SAML Configuration in Dashboard.
    6255eb8f-59e2-4dca-81d5-780b3b765aa6
  9. Return to the previous page by clicking on the Meraki (or custom name entered earlier) app under Apps using this certificate. Then click on the SSO tab.
  10. (Optional) Enable Single Logout (SLO) by copying the SLO Endpoint (HTTP) field and pasting it into the SLO logout URL field under Organization > Settings > SAML Configuration in Dashboard.
    Note: If enabled, logging out in Dashboard will log the user out of OneLogin and any compatible apps as well.
    908beee6-4c8e-49b1-95bb-b153ec681b84
  11. On the Access tab, ensure that any desired Roles are selected. If none are selected, users will need to be manually given access to the app.
    0f2e50e9-09be-4345-9fdb-deb52feddb29
  12. Click Save.
    bfef3fc8-ec9d-4aa3-8221-a243b9514751
  13. On the Users tab, select a user to grant access. In this example, it is assumed that 'SAML Demo' is part of the 'Default' role.
    74190c73-f7d0-471a-a5cd-505e6a09e916
  14. Enter a Role for the user. This must match a Role configured under Organization > Administrators > SAML administrator roles in Dashboard.
    9b83c6ce-e145-4bbb-9cc1-d78f17f92be7
  15. Click Save.
    7452ae22-8242-4a43-863d-34156c750510

At this point, the configured user should be able to seamlessly login to Dashboard by clicking on the Meraki app. 

c4042b5a-2295-498e-81af-7f82ef6fefda

If an error is presented, ensure that all necessary fields have been correctly populated and both the user's Role and the SHA1 fingerprint match correctly between OneLogin and Dashboard.

 

For any questions on OneLogin, please refer to the OneLogin documentation.

For more information on Dashboard permissions and administrator types, refer to the article on managing administrative users.

You must to post a comment.
Last modified
22:25, 2 Feb 2015

Tags

Classifications

This page has no classifications.

Article ID

ID: 1578

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community