Search results

OneLogin support for SSO authentication

Bold BI application supports adding users through the OneLogin provider. By importing them, you can share the dashboards and email exported dashboards with them.

NOTE: This feature is available in Bold BI Embedded Analytics but not in Cloud Analytics Server.

How to register the Bold BI application in OneLogin

This section explains how to perform Single Sign-On for users in OneLogin with Bold BI application.

NOTE: This configuration has to be done in OneLogin website.

Prerequisites

  • An admin account in OneLogin.
  • Install Bold BI application.

Steps to register the Bold BI application

  1. Login to the OneLogin website with the admin account.

  2. Click on Applications in the header menu.

    Application page

  3. Click on Add App button.

    Add Application page

  4. Type the word OpenId Connector oidc in the search box and click on the result.

    Openidconnect

  5. Type the application name and click on Add App

  6. Save the application name in the Display Name

    Applicationname

  7. If you want to use the Bold BI mobile application, follow the above steps and finally click SSO and change the Application Type as Native. If not, proceed further as it is.

    Mobile type

  8. Click the Configuration tab and save the Redirect URI's and Login Url. For Bold BI mobile application, use the Mobile App Redirect URI and use the Redirect URI for the web application.

    Redirect URI

  9. The Redirect URI and Login URL is found under the OpenID Connect settings of your Bold BI application as in the following screenshot.

    Redirecturi in setting

  10. Click SSO tab, you will find the Client ID and Client Secret and use it in the Bold BI application.

    OneLoginClient details

After successful registration in OneLogin, save these settings in Bold BI settings page to enable this authentication.

Enable OneLogin support for authentication in Bold BI

Configure the settings in Bold BI as in the following snap to enable the authentication using OneLogin.

OneLogin settings

The fields to be saved in the Bold BI to enable the OneLogin for authentication is explained as below.

Provider Name It represents the name of the authentication provider to be displayed in the login page.
Provider Logo It represents the logo of the authentication provider to be displayed in the login page.
Authorization Endpoint It should be in the format https://subdomain.onelogin.com/oidc/auth
Please refer here for more details.
Token Endpoint Method POST
Token Endpoint It should be in the format https://subdomain.onelogin.com/oidc/token
Please refer here for more details.
User Information Endpoint Method GET
User Information Endpoint It should be in the format https://subdomain.onelogin.com/oidc/me
Please refer here for more details.
Client ID The Client ID you get after registered the Bold BI application in OneLogin website.
Client Secret The Client Secret you get after registered the Bold BI application in OneLogin website.
Scopes openid, profile, email
Logout Endpoint It is the endpoint in the OneLogin website that signs the user out.
Email This must be the field name in which email will be present when deserializing the token.

Configure OneLogin Group Import Settings in Bold BI

Configure group import setting in Bold BI using OneLogin as shown in the below image.

OneLogin Group

For generating the API client credentials follow below link, https://developers.onelogin.com/api-docs/1/getting-started/working-with-api-credentials

We use client Id and client Secret from API client credentials to get token for accessing the groups API. We need Region from API Domain for accessing OneLogin APIs. Please refer below image for region,

OneLogin Region