How to configure Thinfinity® VirtualUI to authenticate using Onelogin SAML

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML 43

In this new post, we will show you “step by step” how to configure SAML on the Onelogin portal and how to add this authentication method in Thinfinity® VirtualUI.

 

1. Open your Onelogin Administrator’s page, and click on ‘Applications’ and then click on ‘Applications’ :

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 01

 

2. Click on ‘Add Application’, search for ‘SAML’ and click on ‘SAML Custom Connector (Advanced)’

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 02

 

3. Give your application a name and press ‘Save’

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 03

 

4. Edit the newly created Application, and click on the ‘Configuration’ tab.

 

Enter the following information in the fields displayed :

Where ‘MyThinfinityServer’ is the URL used for your Thinfinity Server.

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 04

 

5. Click on the ‘SSO’ Tab and click on ‘View Details’

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 05

 

6. Click on the ‘Download’ button, which will download the certificate used for the SAML authentication.

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 06

 

7. Go back to the ‘Configurations’ tab, and copy the URLs under “Issuer URL” and “SAML 2.0 Endpoint (HTTP)” :

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 07

 

8. Open the Thinfinity® Server manager, navigate to the ‘Authentication’ tab, click on ‘Add’ and ‘SAML’

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 08

 

9. Configure the following fields :

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 09

 

  • Service Identifier = Audience (EntityID)
  • Service Certificate File = Your certificate file
  • Service Certificate Password = Your certificate’s password
  • Identification Entity ID = Issuer URL
  • Single Sign-On Service URL = SAML 2.0 Endpoint (HTTP)
  • Sign-Out URL = This value is optional
  • Partner Certificate File = X.509 Certificate provided by Ping Identity

 

10.  Click ‘OK’ and then ‘Apply’

 

11.  Back in the ‘Authentication’ tab, switch to the ‘Mappings’ tab and map your email address to the local AD user or group:

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 10

 

As an example, we mapped an email address to an AD user, but you can also use a wild-card.

 

For instance, you can add “*@cybelesoft.com” as “Authentication ID mask” and map this back to the ‘Cybelesoft\Domain Users’ group in your AD.

 

Now after applying the changes to the Thinfinity® manager, go to the Thinfinity® site, and you should be able to see the ‘SAML’ authentication method listed:

 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 11

 

If you have any questions regarding the SAML configuration, you can leave a comment below or send us an email at [email protected].

 

Regards,

 

The Cybele Team

Leave a comment

Privacy Preferences
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.