Login
      Contents x
      Integrating with OneLogin
        • Print
        • PDF
        Contents

        Integrating with OneLogin

          • Print
          • PDF
          Article Summary

          Available in Classic and VPC

          This section describes how to integrate OneLogin, a user authentication and access management solution, with a NAVER Cloud Platform account. Users within the organization can log into NAVER Cloud Platform console with the OneLogin account being used and use the service within the granted permissions.

          The sequence of integrating NAVER Cloud Platform accounts and OneLogin accounts is as follows:

          1. Download metadata from OneLogin
          2. Register external IdP information on NAVER Cloud Platform
          3. Configure OneLogin authentication
          4. Configure NAVER Cloud Platform authentication
          5. Verify integration

          1. Download metadata from OneLogin

          When registering external IdP information in the Ncloud Single Sign-On service, OneLogin metadata is required. This section describes how to download OneLogin metadata.

          The method for downloading metadata from OneLogin is as follows:

          1. Access OneLogin and click the Applications > Applications menu on the top of the page.
          2. Click the [Add App] button.
          3. Enter "SAML Custom Connector (Advanced)" in the search area and click the search result.
          4. Enter a name in Display Name and click the [Save] button.
          5. Click the Configuration menu at the left side of the page.
          6. On the top right of the page, click More Actions > SAML Metadata.
          7. Confirm the file downloaded to the user’s PC.

          2. Register external IdP information on NAVER Cloud Platform

          The following describes how to register OneLogin metadata in the Ncloud Single Sign-On service.

          1. Click the environment you are using in the Region menu and Platform menu of the NAVER Cloud Platform console.
          2. Click Services > Management & Governance > Ncloud Single Sign-On, in that order.
          3. In the Tenant menu, click the [Register External IdP] button.
          4. In the Metadata section, paste the metadata information downloaded from 1. Download metadata from OneLogin, then click the [Save] button.
            • The sub-information will be entered automatically.
          5. Click the [Register] button.

          3. Configure OneLogin authentication

          This section describes how to input external IdP metadata information and user profiles obtained from NAVER Cloud Platform console into OneLogin.

          Note

          When mapping user profiles, there are methods to manually input the profile and to set it to receive information from IdP during login. This guide is based on how to receive information from IdP during login.

          Enter SAML information

          The following describes how to enter SAML information in OneLogin.

          1. After accessing OneLogin, click the Applications > SAML Custom Connector (Advanced) menu.
          2. Click the Configuration menu at the left side of the page.
          3. Enter as follows:
          4. Once the entry of mandatory information is complete, click the [Save] button located at the top right of the page.

          Copy SAML integration information

          To integrate Ncloud Single Sign-On service and IdP, you need the Assertion Consumer Service (ACS) URL information, which is the endpoint to receive the SAML response from IdP, and the Issuer URL information to identify the IdP.
          The following describes how to confirm the ACS URL and Issuer URL of NAVER Cloud Platform.

          1. Click the environment you are using in the Region menu and Platform menu of the NAVER Cloud Platform console.
          2. Click Services > Management & Governance > Ncloud Single Sign-On, in that order.
          3. Copy the following information from the External IdP Metadata section in the Tenant menu.
            • Assertion Consumer Service (ACS) URL
            • Issuer URL
            • Login URL

          Configure Attribute Mapping

          To map user profiles of OneLogin with Ncloud Single Sign-On service, this defines the user attribute information to be transferred from OneLogin to NAVER Cloud Platform.

          Note

          This guide explains the user attribute information primarily used in authentication, which are FirstName, LastName, Email.

          The following shows how to define user attribute information in OneLogin.

          1. Click the Parameters menu on the right side of the page in OneLogin.
          2. Click the [+] button in the SAML Custom Connector (Advanced) field area.
          3. Enter "FirstName" in Field Name, then click the [Save] button.
            • The entered field name will be used during user profile mapping in the Ncloud Single Sign-On service.
          4. Click the Value dropdown button and select the value to map to FirstName, then click the [Save] button.
          5. Register LastName in the same manner.

          Add OneLogin user

          The following describes how to add a user in OneLogin.

          1. Click the Users > Users menu at the top of the page.
          2. Click the New User button at the upper right of the page.
          3. Enter the First name, Last name, Email, and Username information of the user to be added, then click the [Save User] button.
          4. To set the password for the created user, click the More Actions > Change Password menu.

          Assign application to user

          The following describes how to assign an application to OneLogin users.

          1. Click the Users > Users menu at the top of the page.
          2. Click the user to whom the application will be assigned.
          3. Click the Applications menu at the left side of the page.
          4. Click the [+] button in the Applications area.
          5. Select the application to connect to, and then click the [Continue] button.
          6. Check the information, and then click the [Save] button.

          4. Configure NAVER Cloud Platform authentication

          This section describes how to register the OneLogin account to be integrated with NAVER Cloud Platform console and then map user profiles.

          Add SSO User

          You need to create an SSO User in the Ncloud Single Sign-On service using the email information of the user created in the Add OneLogin user step.
          The following describes how to add an SSO User in the Ncloud Single Sign-On service.

          1. Click Services > Management & Governance > Ncloud Single Sign-On menus, in that order.
          2. Click External IdP login > Users > [Create User] button.
          3. Enter the email address of the user created in Add OneLogin user, then click the [Create] button.
          Note

          For how to create an SSO User in Ncloud Single Sign-On service, see Users.

          Configure Attribute Mapper in NAVER Cloud Platform

          The following shows how to link user attribute information set in OneLogin to user attribute information of Ncloud Single Sign-On service.

          1. Click the environment you are using in the Region menu and Platform menu of the NAVER Cloud Platform console.
          2. Click Services > Management & Governance > Ncloud Single Sign-On menus, in that order.
          3. Click the Tenant menu.
          4. Click the [Attribute Mapper] button.
          5. When the Attribute Mapper page appears, enter the registered content in Configure Attribute Mapping in External IdP Parameter.
          6. In Sync mode, set the user profile update method.
            • None: the user profile is not updated.
            • Import: the user profile is updated only upon first login.
            • Force: the user profile is updated at every login.
          7. Click the [Save] button.

          5. Verify integration

          The following describes how to verify if the OneLogin account and NAVER Cloud Platform account are integrated.

          1. Click the environment you are using in the Region menu and Platform menu of the NAVER Cloud Platform console.
          2. Click Services > Management & Governance > Ncloud Single Sign-On, in that order.
          3. Copy the Login URL from the Tenant menu, then access the URL.
            • The SSO role switch page will appear.
          4. Click the [Console access] or [API access] button on the SSO role switch page.
            • Depending on the access type set for the logged-in SSO User, the [Console access] or [API Gateway access] button will appear.
          5. Click the Services > Management & Governance > Ncloud Single Sign-On > External IdP login > User menu.
          6. Click the [Profile] tab in the detailed information of the logged-in SSO User, then check if the user profile has been updated.
          Was this article helpful?
          What's Next
          Change password!
          Changing your password will log you out immediately. Use the new password to log back in.
          Change profile
          Success!
          First name must have atleast 2 characters. Numbers and special characters are not allowed.
          Last name must have atleast 1 characters. Numbers and special characters are not allowed.
          Enter a valid email
          Enter a valid password
          Your profile has been successfully updated.
          Logout