See below for details on how to add SAML using OneLogin. We have enabled IDP Initiated Logins, so before following the steps below, login into Tripleseat and click on Settings. Click on Preferences and then click on User Authentication. Scroll down and check off "Allow IDP Initiated Logins". Please use the unique URLS created on this screen instead what is listed below which are the generic URLs. You will use the Start URL for the Login URL and the ACS URL Entity ID for the ACS (Consumer) URL* and SAML Recipient URL. You will use the ACS (Consumer) URL Validator* as listed below as the same URL is used across all users. This Feature allows you to use one login to manage different credentials.
- To setup one login for SAML on Tripleseat you will need to access your One Login Account.
- Login to one login
- Go to applications tab
- Create a new application from the template "SAML Test Connector (SP Shibboleth)"
- Fill in Tripleseat details:
Login URL: https://login.tripleseat.com
ACS (Consumer) URL* and SAML Recipient: https://login.tripleseat.com/saml_acs
ACS (Consumer) URL Validator*: ^https:\/\/login\.tripleseat\.com\/saml_acs.*$
- Next click on SSO in Onelogin, you will be copying multiple items from the SSO section to Tripleseat so open a new browser tab and window and log into Tripleseat
- In Tripleseat go to Settings > Preferences > click on the User Authentication tab
- Check off Enable Connection under SAML and enter OneLogin in IDP Display Title
- Copy the Issuer URL from the SSO page from Onelogin and paste it into Issuer URL (Entity ID) in Tripleseat
- Copy the SAML 2.0 Endpoint (HTTP) URL from Onelogin and paste it into the SAML 2.0 Endpoint URL in Tripleseat
- In Onelogin click View Details link under the Standard Strength Certificate (2048-bit)
- Copy the entire certificate text using the button shown below and paste it into the IDP Certificate text box in Tripleseat
- Click Required for all users if you wish to only allow them to login via OneLogin and Update
- Log out of Tripleseat and you will see the OneLogin option when logging back into Tripleseat