To configure OneLogin to sign in users into UserVoice using SAML, follow those steps.
In OneLogin, do the following:
- In OneLogin, navigate to Apps → Find apps and search for UserVoice. Click Add.
- In the Add UserVoice screen select for the app to be used by the Organization and select SAML 2.0 for the Connector Version. Press Continue.
- Type your UserVoice subdomain into the Subdomain field within the Configuration tab.
- Under the Single Sign-on tab copy the HTTP Endpoint under SAML Endpoints to the clipboard for use in UserVoice later (step 2 below). Next click "View details" below X.509 Certificate and download the certificate. You will give this to UserVoice.
In UserVoice, do the following:
To setup UserVoice as a SAML Service Provider, you need to upload your OneLogin SAML token signing certificate via UserVoice Admin Console.
- Go to Admin Console → Settings → General → User authentication.
- Select the option Single Sign-On (SSO).
- SSO KEY is not used in SAML, so ignore it.
- Input the SSO Remote Sign-In URL of your Identity Provider (required). This is the HTTP endpoint copied in Step 4 above.
- If you need to, also input your SSO Remote Sign-Out URL so that your IdP knows when users log out. This is https://app.onelogin.com/client/apps
- Finally, upload your OneLogin x509 certificate file in either PEM (ascii) or DER (binary) format. This is located in Security → SAML section of OneLogin.
- Then, press Save authentication settings.
To test do the following:
- Login to OneLogin.
- Make sure you are logged out of UserVoice.
- Click the UserVoice icon on your dashboard. This should log you into UserVoice.
- Alternatively, you can go to http://subdomain.usevoice.com and attempt to sign in, at which point you should be signed in through OneLogin.