Step One: From within OneLogin, select the new app button to add an integration from the catalog.
Step Two: In the search box, type “continu” and select the top SAML2.0 application
Step Three: Change the display name if desired, and click save to add the integration.
Step Four: Click on the configuration tab to add the subdomain.
Step Five: Type in the subdomain of your Continu instance here. (For example, if the url you access Continu with is https://goodcompany.continu.co, you would simply type goodcompany in this input). After entering the subdomain, click save.
Step Six: Click on the parameters tab.
Step Seven: The default parameters are already set up and are sufficient for the integration. If you would like to pass additional information with the user, to be saved in Continu, select Add Parameter. Otherwise, skip to Step 12.
Step Eight: In the Field name input, type the name of the field that Continu is expecting.
There is a list of acceptable parameters at the end of these instructions. Check the flag labeled “Include in SAML assertion” and click save.
Step Nine: On the custom parameter added in step 8, click the “- No default -” value.
Step Ten: Select the appropriate value in the value drop down and click save.
Step Eleven: Repeat steps 8-10 for any additional parameters and click save.
Step Twelve: Click on the SSO tab.
Step Thirteen: There are 2 pieces of information necessary to configure the SAML integration within Continu. The first is the SAML 2.0 Endpoint; the url can be copied from this screen by clicking the clipboard icon next to the input. (Note: This information will be used in step 17).
The second piece of information is the certificate itself. To navigate to the certificate, first click View Details below the X.509 Certificate input.
Step Fourteen: The certificate information can be copied by clicking the clipboard icon next to the X.509 Certificate input. This information will be used in Step 17.
Step Fifteen: Login to Continu and select the Admin tab, then click Settings.
Step Sixteen: Within Settings, click on the Integrations tab, followed by the SAML integration.
Step Seventeen: Click on the Reconfigure SAML button, then paste the SAML 2.0 Endpoint information from Step 13 into the SAML 2.0 Endpoint input and paste the X.509 Certificate information from Step 14 into the X.509 Certificate input and click Submit.
Congratulations! The integration is now complete. Be sure to open the integration to the users you wish to have access.
The following fields are acceptable to be passed through sso and will be saved each time a user logs in or is created via the SAML integration:
role - a lowercase string value accepted as “user” “admin” or “creator”.
hired - a string value representing a date in “MM-DD-YYYY” format.
image - a string value of a url representing a users profile image.
job_title - a string value representing a users job title.
location - a string value representing a users location with a hierarchy based on the | symbol. (If a location is passed that does not exist within the application, a new location will be created to accommodate it).
For Example - a value of “United States|California|San Francisco” would create 3 locations assuming they did not exist. Please Note: It is acceptable to have a single item (i.e. “California”) or 2 items as well (i.e. “California|San Francisco”).
department - A string value representing a users department with a hierarchy based on the | symbol. Please Note: This works the same way as location
For more information on OneLogin, please see www.onelogin.com