You can find out more about eSpatial and SSO here https://help.espatial.com/manage-groups-and-users/single-sign-on-sso-overview. In this article we look at the configuration details to setup SSO between eSpatial and the SAML 2.0. compliant OneLogin (https://www.onelogin.com/). Note that you need to have an enterprise eSpatial account to have the SSO functionality.

Enable SSO on your Account

  • Click on your username drop down in the top right corner. 
  • Select Manager Groups & Users. 
  • Click on the SSO Configuration Link. 

OneLogin Setup

Your Onelogin Administrator needs to configure the setup between eSpatial and OneLogin. 

  • Add a new OneLogin Application
  • Ensure that it is SAML 2.0
  • Give it an appropriate Name and Logo
  • Go to the Configuration Tab
  • Copy the value from the eSpatial field "Service Provider Entity Id (Audience URI)" to the OneLogin Field "Audience"
  • Copy the value from the eSpatial field "ACS SSO URL" and copy into both the "Recipient" and "ACS (Consumer) URL" in OneLogin 
  • Copy ".*." into "ACS (Consumer) URL Validator" field in OneLogin

The go to the SSO Tab in OneLogin

  • Set "SAML Signature Algorithm" to "SHA-256"
  • Copy the "Issuer URL" from OneLogin to the field " Identity Provider Metadata URL" in eSpatial
  • Confirm your settings in OneLogin by pressing save
  • Confirm your settings in eSpatial by selecting enable SSO

User Setup and Testing

  • Click on the users tab in OneLogin to ensure that at least one user has access to the eSpatial app from OneLogin to test
  • Log out of eSpatial
  • In OneLogin, go to your App Portal/Home

  • Click on the eSpatial Link from your portal and log into eSpatial from OneLogin
  • Click on the eSpatial Link from your portal and you will be redirected (& logged in) to eSpatial from OneLogin

Did this answer your question?