SAML single sign on with OneLogin

Updated 10 months ago by Andrew White

For best practices and tips for using SAML with askSpoke, check out our  SAML overview article 

Please note: askSpoke limits each email address to 1 active askSpoke organization. If you see the error “You are not a member of this org” please make sure to leave other organizations before attempting to log in using SAML.
  1. Log into OneLogin. Go to the administration panel, then navigate to Apps > Add Apps.
  2. Search for askSpoke, then select the Ask askSpoke SAML 2.0 App.

On the Configuration  tab, click save  to add the app to your company apps. 

On the Configuration tab, enter your Org ID from askSpoke.

Your Org ID is the prefix of your ask askSpoke URL. ie:

Go to "Access" and set policies for askSpoke. New Policies can be set in "Settings/Policies."

If you want to assign spoke to individual users, navigate to "Users/All Users"

Once you are finished, click "save." 

Navigate to the SSO tab and copy the three values you need for askSpoke. 

  • SAML 2.0 Endpoint (HTTP)
  • Issuer URL 
  • X.509 Certificate. 

To Copy the Certificate, select "View Details"

 Then select "Copy to Clipboard"

Configuration Steps

Log into askSpoke and navigate to the Integrations menu.

  1. Navigate to Settings
  2. Select the Integrations Menu
  3. Find the SAML tile and choose Connect

Copy the following fields from your Onelogin setup page into the askSpoke Settings/SAML Page.

  1. Sign on URL: Paste the SAML 2.0 Endpoint URL from Onelogin here
  2. Issuer: Paste the Issuer URL from Onelogin here
  3. Public certificate: Paste the X.509 certificate from Onelogin here
  4. Press Test SAML connection

Once the test is completed, you can push Enable SAML

Uncheck the checkbox if you don't want to email notifications of SAML being enabled to your team.

How did we do?

Powered by HelpDocs (opens in a new tab)