Configuring OneLogin for Coveo Cloud V2 SAML SSO

OneLogin is a service providing single sign-on (SSO) for web applications (see OneLogin Single Sign-On).

Single sign-on allows users to log in to several systems with a single ID and password. Many SSO systems support Security Assertion Markup Language (SAML) 2.0, which is an XML-based, open-standard data format, to allow an external service provider to rely on the user authentication performed by a trusted identity provider (see Security Assertion Markup Language).

As a Coveo Cloud V2 administrator, you can implement SAML SSO when your company uses OneLogin. Users can then log in to Coveo Cloud V2 without having to provide their username and password since their identity has previously been validated when logging in to their OneLogin session.

To allow users to log in via SAML SSO, Coveo Cloud V2 must be able to trust and rely on OneLogin to authenticate users wishing to login. To establish this trusting relationship, you must configure OneLogin and then Coveo Cloud V2 so that both parties can exchange authentication information.

If you are not the OneLogin administrator at your company, contact them so they configure OneLogin using the following steps. If you wish to encrypt identity provider assertion, you will have to provide them with the Coveo Cloud V2 public certificate as well (see Encrypt OneLogin Assertions).