OneLogin SSO


Files.com supports SSO integrations with Onelogin using the SAML protocol.

Adding Files.com in OneLogin

After logging in to your OneLogin account as an administrator, navigate to Applications, click the Add App button, and click SAML Test Connector (IdP w/ attr w/ sign response).

Enter Files.com for the Display Name, and click Save.

Click Configuration in the left pane, and enter the following values:

RelayState

SUBDOMAIN.files.com
(replace SUBDOMAIN with your Files.com subdomain)

Audience

https://app.files.com/saml/metadata

Recipient

https://app.files.com/saml/consume

ACS (Consumer) URL Validator

^https:\/\/app\.files\.com\/saml\/consume$

ACS (Consumer) URL

https://app.files.com/saml/consume

Click Save at the top right to save these changes.

Next, click SSO and click View Details under X.509 Certificate.

Change SHA Fingerprint from SHA1 to SHA256 and click Save.

Lastly, copy the SHA256 fingerprintIssuer URLSAML 2.0 Endpoint (HTTP), and SLO Endpoint (HTTP) so you can enter these when adding OneLogin in Files.com.

Adding OneLogin in Files.com

After logging in to your Files.com account as an administrator, navigate to Settings > Security > SSO Providers, and click the Add provider button. Click to select the OneLogin provider.

In the Add provider form, leave the Metadata URL field empty, and enter the following values copied from OneLogin:

  1. Enter the SHA256 fingerprint from OneLogin into the SHA256 certificate fingerprint field.
  2. Enter the Issuer URL from OneLogin into the Issuer URL field.
  3. Enter the SAML 2.0 Endpoint (HTTP) from OneLogin into the SSO endpoint field.
  4. Enter the SLO Endpoint (HTTP) from OneLogin into the SLO endpoint field.

Lastly, click the Save button to apply the change.

The OneLogin SSO method will now be available when assigning an authentication method for a user in Files.com, and the Sign in with OneLogin button will be displayed on your site's login page.

Provisioning Users Automatically

There are two ways to automatically provision users via Onelogin.

SCIM Provisioning

SCIM Provisioning is a standard that allows your Users to be automatically provisioned in Files.com from Onelogin.

Input the following settings into Onelogin for SCIM:

  • SCIM connector base URL: https://app.files.com/api/scim
  • Authentication Mode: Basic Auth
  • Basic Auth Username and Password: (Enter a username and password of your choosing)

The username and password entered for Basic Auth will also need to be added as the SCIM username and password in Files.com at Settings > Authentication > SSO Providers > Onelogin (Set Enable automatic user provisioning via SCIM? to "Basic" in Files.com if it's not already).

After setting the above, your Onelogin users assigned to the Files.com application in Onelogin will be provisioned to Files.com and should be able to log in to Files.com via SSO.

Just-In-Time (JIT) Provisioning

JIT Provisioning works by creating user records on Files.com upon their first successful login. This method is easier than SCIM, however, it is somewhat limited. Files.com will automatically use Just-In-Time (JIT) Provisioning if you don't set up SCIM.

Get Instant Access to Files.com

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.

Start My Free Trial

©2022 Files.com. All right reserved

FILES.COM

  • Start My Free Trial
  • Pricing
  • Docs
  • API and SDKs
  • Contact

CONTACT & SUPPORT

support@files.com

(800) 286-8372

Monday–Friday

9am–8pm Eastern