OneLogin

You already use your SSO to conveniently manage permissions to applications; now you can also use it to manage permissions to your datasources following these simple steps.

  1. Add new application: Click on “Applications” then “Add Apps”. Search for “OpenID Connect (OIDC)” and click on it. Name the application “strongDM” and click “Save”.

    "Create App"

  2. Enter configuration details: Go to the “Configuration” tab and enter the strongDM login URL: https://app.strongdm.com. Add the following “Redirect URI’s”: https://app.strongdm.com/auth/return and https://app.strongdm.com/auth/return/

    "Enter URLs"

  3. Get Client ID and Client Secret: Go to the “SSO” tab and note the Client ID and Client Secret. You will need these in the next step.

    "Get Client ID and Client Secret"

  4. Enter the account details in strongDM: In the strongDM app, go to Settings -> Authentication, choose OneLogin from the dropdown menu, and add your URL, Client ID, and Client Secret as shown.

    "Configure OneLogin in strongDM"

  5. Enable refresh token and set Authentication Method: On the OneLogin side again, configure the refresh tokens as shown in the screenshot and set “Authentication Method” to POST. Save the configuration.

    "Configure tokens in OneLogin"

  6. Final steps in OneLogin: Confirm that the email addresses for all users are identical in both strongDM and OneLogin. Confirm that all users who you intend to grant database access have access to the strongDM application by default, and if all of the above is true, you should be set.

    NOTE: Once you have saved the application configuration in OneLogin, it may take some time for the changes to be reflected in the OneLogin authentication environment. We recommend waiting at least several hours before enabling and testing OneLogin SSO in strongDM after you have completed the setup.

  7. If any errors occur or if the integration fails in any way, please contact support@strongdm.com for assistance.