OneLogin is a leading cloud-based identity management system. Banyan integrates with your organization’s OneLogin account to authenticate enterprise users that need access to Banyan secured services.
In order to set up this integration, you need will need administrative access to OneLogin and the ability to add a new SAML App.
1a. Navigate to Settings > TrustProvider Settings > Identity Provider and then set your User Identity Provider to SAML.
You will fill out these Identity Provider configuration fields after you set up the new application integration in OneLogin.
1b. Take note of the Redirect URL (ACS) provided in the configuration field. You will need it for the steps in OneLogin below.
2a. Log in to your OneLogin Admin Panel.
2b. Navigate to Applications > Add App. Search for and then select SAML Test Connector (Advanced) to add a SAML 2.0 app.
2c. Name the application Banyan TrustProvider and upload our logo.
2d. When asked for ACS (Consumer) URL use the Redirect URL you obtained in Step 1b. Also, set the
ACS (Consumer) URL Validator to
2e. Banyan requires your IDP’s returned SAML assertion to contain attributes can be mapped to a user’s Email, Username, and Groups.
Set the Attribute Mappings as follows:
OneLogin does not transmit its Groups via SAML attributes. Instead, we suggest using the User Roles field to group users.
2f. In the Access section, assign the Banyan TrustProvider application to
Ensure the Banyan TrustProvider SAML app you just created can be accessed by Everyone.
This will allow Banyan to federate authentication of all users in your organization to your SAML IDP.
Note: You still need to apply Policies in the Banyan Command Center to manage which users can access specific internal applications.
2g. Take note of your SSO URL and download the Certificate.
3a. Return to the Identity Provider page in the Banyan Control Center (Settings > TrustProvider Settings > Identity Provider).
Ensure the User Identity Provider is set to SAML, and then enter the Banyan TrustProvider App parameters from OneLogin:
3b. Click Update Identity Provider Config to save the settings.
That’s it! You have successfully integrated OneLogin to manage your directory of users in Banyan.