You can choose to enforce SAML SSO for Ally with OneLogin for added security. Once set up, users in your organization can use their managed OneLogin account credentials to sign in to Ally via Single Sign-On (SSO).
To connect your SSO to your instance of Ally, please follow the instructions listed here: Steps to setup SSO
After you have enabled SSO within Ally, the next step is to create an Ally App within you SSO:
- Login to OneLogin administrator dashboard.
- Navigate to Apps > Add Apps inside the administrator dashboard. Search for 'SAML Test Connector(Advanced)' and select the first result from the search results.
- Enter ‘Ally’ under the ‘Display Name’ label against the Portal section and click the save button.
4. (Optional) Click Choose file next to the Upload Logo field to upload a PNG or GIF file to serve as an icon. The file size should be 512 pixels square.
5. Go to the ‘Configuration tab’. Fill in the SAML name from the Ally SSO Integrations page into ‘Audience’, ‘Recipient’, and ‘ACS(consumer) URL’ fields. Enter ^https:\/\/app.ally.io\/.* into the ‘ACS (Consumer) URL Validator’ field, as shown below.
6. Choose ‘Email’ as the option for the ‘SAML nameID format’ field as shown below.
7. Go to the ‘Parameters’ tab and add the following parameters one by one by clicking the ‘Add parameter’ link.
Note: You may have to check “Include in SAML assertion” on each field
8. Click ‘Save’ on the top right corner of the page to complete the setup at your end.
9. If you want to enforce your SSO options, please select “Force your team to log in via your SSO provider. ” If you do not want to enforce your SSO (allowing users to login with other SSO credentials) then leave this field unselected.