Overview
SAML Authentication is a paid add-on feature and must be enabled prior to use. Contact your account manager, or accountmanagers@responsive.io, to enable it.
OneLogin gives users the ability to access the applications and other resources they need to do their job by logging in once to a single interface.
Select the applicable tab for your edition of Responsive.
-
Configuring OneLogin
- Login to OneLogin using valid credentials.
- Click Administration.
- Click Applications and select Applications.
- Click Add App.
- Type Responsive in the Search box.
- Click on Responsive, then click Save.
- Click Configuration, then enter the value for RelayState.
Note: You can get the RelayState value in Responsive at Organization Settings > Security > SSO. If the SAML SSO feature is not visible, contact your Account Manager. - Click Parameters, then scroll down the Required Parameters section and click the field that has a value of No Default.
- A pop-up as shown below will be displayed. Select Company from the Value drop-down menu and click Save to update the value.
- Scroll down the Optional Parameters section and select the following values:
- Cost Center field: Select responsive_business_unit (Custom) as the value.
- Role field: Select responsive_user_role (Custom) as the value.
- Click Users from the left navigation pane, click on the user name, and make the required modifications.
- Click Save. A success message will be displayed as shown below:
- Click Privileges, enter a user name, then click Check.
- Click Add Admin.
The added user will be displayed as shown: - Click Save.
- Click More Actions and select SAML Metadata.
- Click Leave on the confirmation pop-up to download the metadata file to your computer.
Configuring OneLogin in Responsive
- Go to Organization Settings > My Organization > Security > SSO/SCIM and click Add Authentication method.
- Enter a name.
- Select SAML as the SSO Type.
- Click Upload Configuration File and upload the downloaded metadata file.
- Click Validate to validate the uploaded file. A success message will be displayed.
- Turn on the OneLogin SAML toggle.
- Click Save. The OneLogin SAML configuration is complete and the user can use SAML for authentication.
Logging into Responsive using SAML
Users can log in to Responsive using SAML in four ways.
Login from the OneLogin dashboard
- From the OneLogin dashboard, click OneLogin.
- Click Responsive.
You will be navigated to the Responsive application page.
Login from Responsive using OneLogin SSO
- Enter the URL app.rfpio.com.
- Click Continue.
A page as shown below will be displayed.
Login using an instance-specific URL
Contact your account manager to get instance specific URL, which can be bookmarked in your browser.
Just-in-Time provisioning
With Just-in-Time provisioning, you can use a SAML assertion to create regular and portal users on the fly the first time they try to log in. This eliminates the need to create user accounts in advance. For example, if you recently added an employee to your organization and have provided access to Responsive in your SAML Identity Provider, you don't need to manually create the user in Responsive. When they log in with single sign-on for the 1st time, their account is automatically created for them, eliminating the time and effort with on-boarding the account. The new user can be assigned as Admin or Manager or Team Member role by defining the role in the SAML integration. Choose None, It helps in protecting unauthenticated user login through SAML.
You can also select the default Business Unit for which the SSO login has to be configured (if business unit, a paid add-on has been enabled for your company).
Note: Multiple SSOs can be created for a single client instance. If interested, raise a support ticket. Once approved the team will enable it for the client. -
Essentials features are subscription-based and may not be available for all users. Contact your account manager, or accountmanagers@responsive.io, for more details.
Configuring OneLogin
- Login to OneLogin using valid credentials.
- Click Administration.
- Click Applications and select Applications.
- Click Add App.
- Type Responsive in the Search box.
- Click on Responsive, then click Save.
- Click Configuration, then enter the value for RelayState.
Note: You can get the RelayState value in Responsive at Organization Settings > Security > SSO. If the SAML SSO feature is not visible, contact your Account Manager. - Click Parameters, then scroll down the Required Parameters section and click the field that has a value of No Default.
- A pop-up as shown below will be displayed. Select Company from the Value drop-down menu and click Save to update the value.
- Scroll down the Optional Parameters section and select the following values:
- Cost Center field: Select responsive_business_unit (Custom) as the value.
- Role field: Select responsive_user_role (Custom) as the value.
- Click Users from the left navigation pane, click on the user name, and make the required modifications.
- Click Save. A success message will be displayed as shown below:
- Click Privileges, enter a user name, then click Check.
- Click Add Admin.
The added user will be displayed as shown: - Click Save.
- Click More Actions and select SAML Metadata.
- Click Leave on the confirmation pop-up to download the metadata file to your computer.
Configuring OneLogin in Responsive- Go to Organization Settings > My Organization > Security > SSO/SCIM and click Add Authentication method.
- Enter a name.
- Select SAML as the SSO Type.
- Click Upload Configuration File and upload the downloaded metadata file.
- Click Validate to validate the uploaded file. A success message will be displayed.
- Turn on the OneLogin SAML toggle.
- Click Save. The OneLogin SAML configuration is complete and the user can use SAML for authentication.
Logging into Responsive using SAML
Users can log in to Responsive using SAML in four ways.
Login from the OneLogin dashboard
- From the OneLogin dashboard, click OneLogin.
- Click Responsive.
You will be navigated to the Responsive application page.
Login from Responsive using OneLogin SSO
- Enter the URL app.rfpio.com.
- Click Continue.
A page as shown below will be displayed.
Login using an instance-specific URL
Contact your account manager to get instance specific URL, which can be bookmarked in your browser.
Just-in-Time provisioning
With Just-in-Time provisioning, you can use a SAML assertion to create regular and portal users on the fly the first time they try to log in. This eliminates the need to create user accounts in advance. For example, if you recently added an employee to your organization and have provided access to Responsive in your SAML Identity Provider, you don't need to manually create the user in Responsive. When they log in with single sign-on for the 1st time, their account is automatically created for them, eliminating the time and effort with on-boarding the account. The new user can be assigned as Admin or Manager or Team Member role by defining the role in the SAML integration. Choose None, It helps in protecting unauthenticated user login through SAML.
You can also select the default Business Unit for which the SSO login has to be configured (if business unit, a paid add-on has been enabled for your company).
Note: Multiple SSOs can be created for a single client instance. If interested, raise a support ticket. Once approved the team will enable it for the client. - Go to Organization Settings > My Organization > Security > SSO/SCIM and click Add Authentication method.