How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML 43

How to configure Thinfinity® VirtualUI to authenticate using Onelogin SAML

How to configure Thinfinity® VirtualUI to authenticate using Onelogin SAML

In this new post, we will show you “step by step” how to configure SAML on the Onelogin portal and how to add this authentication method in Thinfinity® VirtualUI.

1. Open your Onelogin Administrator’s page, and click on ‘Applications’ and then click on ‘Applications’ : 

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 01

2. Click on ‘Add Application’, search for ‘SAML’ and click on ‘SAML Custom Connector (Advanced)’

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 02

3. Give your application a name and press ‘Save’

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 03

4. Edit the newly created Application, and click on the ‘Configuration’ tab.

Enter the following information in the fields displayed :

Where ‘MyThinfinityServer’ is the URL used for your Thinfinity Server.

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 04

5. Click on the ‘SSO’ Tab and click on ‘View Details’

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 05

6. Click on the ‘Download’ button, which will download the certificate used for the SAML authentication.

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 06

7. Go back to the ‘Configurations’ tab, and copy the URLs under “Issuer URL” and “SAML 2.0 Endpoint (HTTP)” :

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 07

8. Open the Thinfinity® Server manager, navigate to the ‘Authentication’ tab, click on ‘Add’ and ‘SAML’

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 08

9. Configure the following fields :

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 09

  • Service Identifier = Audience (EntityID)
  • Service Certificate File = Your certificate file
  • Service Certificate Password = Your certificate’s password
  • Identification Entity ID = Issuer URL
  • Single Sign-On Service URL = SAML 2.0 Endpoint (HTTP)
  • Sign-Out URL = This value is optional
  • Partner Certificate File = X.509 Certificate provided by Ping Identity

10.  Click ‘OK’ and then ‘Apply’

11.  Back in the ‘Authentication’ tab, switch to the ‘Mappings’ tab and map your email address to the local AD user or group:

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 10

As an example, we mapped an email address to an AD user, but you can also use a wild-card.

For instance, you can add “*@cybelesoft.com” as “Authentication ID mask” and map this back to the ‘Cybelesoft\Domain Users’ group in your AD.

Now after applying the changes to the Thinfinity® manager, go to the Thinfinity® site, and you should be able to see the ‘SAML’ authentication method listed:

How to configure Thinfinity VirtualUI to authenticate using Onelogin SAML - 11

If you have any questions regarding the SAML configuration, you can leave a comment below or send us an email at [email protected].

Regards,

The Cybele Team

Have any questions?

Book a call today to learn more about how Thinfinity® can help your organization. We are always available to guide you and provide the best solution based on your specific needs.

Add Comment

Thinfinity_logo

Get a Demo

Experience how Universal ZTNA with Thinfinity® integrates with VDI and DaaS for unmatched security and flexibility.

Blogs you might be interested in

<span>Authentication</span>, <span>Independent software Vendor (ISV)</span>, <span>IT Admin</span>, <span>IT Security</span>, <span>Onelogin</span>, <span>RBAC</span>, <span>SAML</span>, <span>Thinfinity VirtualUI</span>, <span>Thinfinity Workspace</span>