Attention |
Step 1: Connect your OneLogin directory with Wizer
Step 1: Configure app on the OneLogin dashboard
1. Log in to the OneLogin Administration Dashboardhttps://www.onelogin.com/ - Click the Administration Tab.
2. Click Applications -> Applications - Then click Add App.
3. Find the OpenId Connect App from the search field and click on it.
4. Setup a Wizer application. Enter a name for your application in the Display Name - Click Save
5. In the Configuration Tab enter Login Url and Redirect URI Note down your OneLogin domain.
(DO NOT INCLUDE https:// OR THE TRAILING SLASH!)
Your OneLogin domain should be something like: mycompany.onelogin.com For Login URL enter:
https://api.wizer-training.com/api/v1/sso/onelogin/login?domain=yourOneLoginDomain For example, if your OneLogin domain is wizer.onelogin.com, the result will be:
https://api.wizer-training.com/api/v1/sso/onelogin/login?domain=wizer.onelogin.com
(Replace wizer.onelogin.com with your OneLogin domain!) Redirect URL:
https://api.wizer-training.com/api/v1/sso/onelogin/callback
6. Click the SSO tab. Change the setting in the Token Endpoint drop-down to POST, - then click Save
7. Get the Client ID and Client Secret
Note down the values as they will be used in the next section
8. In the Access Tab add the Roles that can access this application
- Click Save in the top right corner
9. If you want to assign individual users that can access this application
- Click the Users tab in the header
- Click on the user you want to assign to the application
Step 2: Configure settings in Wizer Application
1. Go to https://admin.wizer-training.com/settings/single-sign-on
2. Paste Client ID, Client Secret to settings in Wizer Application
3. Paste the OneLogin domain - the same value that was used in the previous step when configuring Login URL
Your OneLogin domain will be something like: mycompany.onelogin.com (DO NOT INCLUDE https:// OR THE TRAILING SLASH!)
Step 3: Test your OneLogin integration
1. Log out if you are logged in Employee App (https://app.wizer-training.com)
2. In Wizer admin panel, click your SSO Link in the OneLogin tab
https://admin.wizer-training.com/settings/single-sign-on
You will be redirected to the Employee App
4. You will be redirected to your OneLogin login web page. Enter your OneLogin credentials. You should be redirected back to the Wizer Employee App and should be Signed In
Step 2: Configuring the SCIM Automatic user provisioning
Now you can generate and configure a SCIM bearer token.
Click the link below to proceed with step 2 which opens in a new tab.
OneLogin SCIM - Automatic User Provisioning
You may also Enforce SSO. This feature allows configuring SSO user access to Wizer. When SSO is not enforced the users can sign in to Wizer with SSO and password by using the reset password flow. This is considered a security issue, as it contradicts the very essence of the SSO application. Now as an Admin you can Enforce SSO in Wizer UI and forbid password usage for SSO users. Non-SSO users will still be able to log in with the password.
Any questions? Please contact our support specialists at support@wizer-training.com.