Single Sign-On with OneLogin

This guide provides step-by-step instructions on setting up OneLogin as a SAML IdP for your Cloudsmith Organization.

This guide provides step-by-step instructions on setting up OneLogin as a SAML IdP for your Cloudsmith Organization.

Adding Cloudsmith to OneLogin

Cloudsmith is not yet an integrated application in OneLogin. You'll have to add Cloudsmith manually so you can configure SSO.

Step1

Log into OneLogin and click Administration in the top right:

21222122
Step2

Choose Applications from the top menu:

20482048
Step3

Click the blue Add App button in the top right:

294294
Step4

Search for "SAML test connector" and choose "SAML Test Connector (Advanced)":

14041404
Step5

On the next screen (Add SAML Test Connector (Advanced)), enter the Display Name as "Cloudsmith". (You can optionally add the Cloudsmith logo too for easier visibility, you can find hi-res versions of the logo here):

14901490
Step6

Click the blue Save button in the top right:

286286
Step7

Once saved, a number of additional options will appear in the sidebar. Click "Configuration":

544544
Step8

Next, we'll configure SAML settings. To determine your Single sign on URL we use the following format: "https://cloudsmith.io/orgs/MY_ORG_NAME/saml/acs/", where "MY_ORG_NAME" is replaced with your organization's slug.
We use this URL for the Audience, Recipient, and ACS (Consumer) URL values in the form below.

For ACS (Consumer) URL Validator use ".*".

13901390
Step9

Further down the page, for SAML signature element choose "Assertion".

914914
Step10

Hit the blue Save button at the top of the page.

Step11

Next, we'll configure OneLogin to also send the user's first and last names during sign-in.

Click on Parameters in the sidebar, and then the small blue "+" symbol on the right:

16341634
Step12

Add a new parameter named "FirstName" and ensure the box labelled "Include in SAML assertion" is checked:

11801180

Hit the blue Save button. Then choose First Name from the drop-down presented:

11721172

Hit the blue Save button.

Step13

Repeat the above process for the "LastName" attribute.

Step14

Hit the blue Save button in the top-right to save all changes. Once configured, the parameters should appear as below:

32943294
Step15

Choose the SSO tab in the sidebar and change the SAML Signature Algorithm to "SHA-256".

13441344
Step16

Hit the blue Save button in the top-right to save all changes.

Step17

Your application is now configured on OneLogin and you can add users groups as required using the Users tab in the sidebar:

15441544

Providing configuration to Cloudsmith

Once configured as above, you'll need to provide metadata to Cloudsmith to connect to your newly configured IdP.

In the SSO tab of your configuration screen you should see a link that provides metadata for dynamic configuration. This is named Issuer URL:

27382738

Copy this link and add it to your Cloudsmith organization SAML settings.

All wrapped up!

Your application should now appear on the OneLogin portal as normal:

644644

You can then enable SAML authentication in your Cloudsmith SAML settings and you can use OneLogin to begin logging in straight away.

You'll be able to access the landing page of your organization at the following URL:
https://cloudsmith.io/orgs/ORG/saml/login/

Where ORG is your organization's slug/identifier (what you would normally see in the URL when accessing your organization within Cloudsmith). If you're not sure what this is, please just ask us.

If you have any feedback on our SAML functionality or features you wish we supported, please do let us know as it'll help inform our roadmap in future.


Did this page help you?

Cloudsmith is the new standard in Package / Artifact Management and Software Distribution

With support for all major package formats, you can trust us to manage your software supply chain.


Start My Free Trial Now
Cookie Declaration (Manage Cookies)