Alteryx Connect Knowledge Base

Definitive answers from Connect experts.
It's the most wonderful time of the year - Santalytics 2020 is here! This year, Santa's workshop needs the help of the Alteryx Community to help get back on track, so head over to the Group Hub for all the info to get started!

Configuring SAML on Alteryx Connect for OneLogin

Moderator
Moderator
Created

How To: Configuring SAML on Alteryx Connect for OneLogin

 

The information will assist with configuring Alteryx Connect to be function with OneLogin

 

Prerequisites

 

  • Alteryx Connect  2019.1
  • OneLogin
    • Account with access to perform administration tasks
    • All users must have an email address attribute

 

Procedure

  1. Login to Alteryx Connect using the Administrator account, change the Base URL to match the FDQN of the machine in Administration Console > Connect Configuration > Instance setting, make sure the Base URL is NOT http://localhost:
           WilliamC_0-1579733615608.png

 

      2. In the OneLogin Administration screen, highlight Apps in the top navigation menu and select Add Apps

      3. On the Find Applications screen, search for SAML in the box provided, and select OneLogin SAML Test (ldP)

      4. Fill in the name, description and the details for Alteryx Connect, then, click Save

 

        WilliamC_4-1579143879567.png
 

 

     5. Click the More Options button on top right and select to download the SAML Metadata file:

 

        WilliamC_5-1579144178148.png

 

     6.  Click Configuration in the navigation menu, fill out details according to your Alteryx Connect's url

          

       SAML Consumer URL: your Connect URL with /aas/Saml/Acs appended to the end

       SAML Audience: "Entity ID" provided by Alteryx Connect (Admin Console > Connect Configuration > Single Sign On)

       SAML Recipient: "Single Sign On URL/Destination URL" provided by Alteryx Connect (Admin Console > Connect Configuration > Single Sign On)

       SAML Single Logout URL: "Single Logout Endpoint" provided by Alteryx Connect (Admin Console > Connect Configuration > Single Sign On)

        Leave ACS URL Validator blank, when finished, click Save.

 

     7. Under the Parameters section, we will need map the Claims of email, firstName and lastName, select "Include in SAML assertion" when add these parameters. Email (NameID) is a starting Field provide by OneLogin, ignore this.  The end result of Parameters is showing as below:

 

        WilliamC_6-1579145201164.png

 

     8. Select the users under User section, and click on Applications on left hand side, add the Alteryx Connect application to the user:

 

        WilliamC_7-1579145427916.png

 

      9. Navigate to Alteryx Connect's Administrator Console > Connect Configuration > Single Sign on, Click + ADD to add the SAML authentication. For Name and Description, you can give any custom values. 

 

      10. Under Identity provider details, select the check box of "Upload IDP metadata", and Choose the file download at step 4, and click SAVE

 

        WilliamC_8-1579146074220.png

 

       11. Log out of Alteryx Connect, and in the Log in page, you will see the OneLogin SSO option, click on there, it will navigate to the OneLogin sign in page:

 

             WilliamC_9-1579146292544.png

      

Once the user have logged in once, the OneLogin method will automatically authenticate the user into Alteryx Connect when the user clicked on the OneLogin option in Connect's login page.

 

Common Issues

 

  • The configuration for OneLogin works for Alteryx Connect if the Entity ID is "com.alteryx.saml.localhost"
  • In the earlier version of Alteryx Connect, the Entity ID is "Localhost"

  

Additional Resources

 

  • Once the user have logged into Alteryx Connect using OneLogin SSO, the OneLogin administrator can see the sign in entry in Activity > Reports, under Application access

 

        WilliamC_10-1579146849192.png