OneLogin SSO
Files.com supports SSO integrations with OneLogin using the SAML protocol.
Adding Files.com in OneLogin
Log in to your OneLogin account as an administrator. Go to Applications, click Add App, search for SAML Test Connector (IdP), and select it.
Enter the Display Name, and click Save.
Click Configuration in the left pane, and enter the following values:
| Parameter | Value |
|---|---|
| RelayState (optional) | [SUBDOMAIN].files.com(replace [SUBDOMAIN] with your Files.com subdomain) |
| Audience | https://app.files.com/saml/metadata |
| Recipient | https://app.files.com/saml/consume |
| ACS (Consumer) URL Validator | https://app.files.com/saml/consume |
| ACS (Consumer) URL | https://app.files.com/saml/consume |
Click Save at the top right to save these changes. Click SSO, then click View Details under X.509 Certificate.
Change SHA Fingerprint from SHA1 to SHA256 and click Save.
Copy the SHA256 fingerprint, Issuer URL, SAML 2.0 Endpoint (HTTP), and SLO Endpoint (HTTP). You'll enter these when adding OneLogin in Files.com.
Adding OneLogin in Files.com
In the Add provider form, enter the Display Name and leave the Metadata URL field empty. Enter the values copied from OneLogin into their corresponding Files.com fields: the SHA256 fingerprint into SHA256 certificate fingerprint, the Issuer URL into Issuer URL, the SAML 2.0 Endpoint (HTTP) into SSO endpoint, and the SLO Endpoint (HTTP) into SLO endpoint.
Click Save to apply the change.
You can also connect more than one OneLogin instance or app to your Files.com site.
The OneLogin SSO method is now available when assigning an authentication method for a user in Files.com, and the Sign in with OneLogin button appears on your site's login page.
Keep at least one site administrator on password authentication rather than assigning every administrator to SSO. This prevents lockout if your IdP or SSO configuration breaks.
Provisioning Users Automatically
OneLogin can provision users into Files.com automatically through two methods.
SCIM Provisioning
SCIM Provisioning is a standard that lets your users be provisioned in Files.com from OneLogin automatically. Enter the following settings into OneLogin for SCIM:
| Field | Value |
|---|---|
| SCIM connector base URL | https://app.files.com/api/scim |
| Authentication Mode | Basic Auth |
| Basic Auth Username and Password | Enter a username and password of your choosing |
The username and password entered for Basic Auth also need to be added as the SCIM username and password in Files.com. Type SSO Providers in the search box at the top of every page and click the matching result. Locate your OneLogin provider entry and edit it to set Enable automatic user provisioning via SCIM? to Basic.
Once configured, OneLogin users assigned to the Files.com application in OneLogin are provisioned to Files.com and can log in via SSO.
Files.com offers numerous configuration options for SCIM provisioning, detailed in the Configuration Options section of our SCIM provisioning documentation.
Just-In-Time (JIT) Provisioning
JIT Provisioning creates a user record in Files.com the first time a user logs in successfully. It is simpler than SCIM but more limited: JIT can provision users, but it cannot delete or disable them. Files.com uses JIT Provisioning automatically when SCIM is not configured.
Get The File Orchestration Platform Today
4,000+ organizations trust Files.com for mission-critical file operations. Start your free trial now and build your first flow in 60 seconds.
No credit card required • 7-day free trial • Setup in minutes