Inspire EMEA 2022 On-Demand is live! Watch now, and be sure to save the date for Inspire 2023 in Las Vegas next May.

Alteryx Connect Knowledge Base

Definitive answers from Connect experts.

Configuring SAML on Alteryx Connect for OneLogin

kchen
Alteryx
Alteryx
Created

How To: Configuring SAML on Alteryx Connect for OneLogin

The information will assist with configuring Alteryx Connect to be function with OneLogin

Prerequisites

  • Alteryx Connect 2019.1
  • OneLogin
    • Account with access to perform administration tasks
    • All users must have an email address attribute

Procedure

  1. Login to Alteryx Connect using the Administrator account, change the Base URL to match the FDQN of the machine in Administration Console > Connect Configuration > Instance setting, make sure the Base URL is NOT http://localhost:
WilliamC_0-1579733615608.png

2. In the OneLogin Administration screen, highlight Apps in the top navigation menu and selectAdd Apps

3. On the Find Applications screen, search for SAML in the box provided, and select OneLogin SAML Test (ldP)

4. Fill in the name, description and the details for Alteryx Connect, then, click Save

WilliamC_4-1579143879567.png

5. Click the More Options button on top right and select to download the SAML Metadata file:

WilliamC_5-1579144178148.png

6. Click Configuration in the navigation menu, fill out details according to your Alteryx Connect's url

SAML Consumer URL:your Connect URL with/aas/Saml/Acsappended to the end

SAML Audience:"Entity ID" provided by Alteryx Connect (Admin Console > Connect Configuration > Single Sign On)

SAML Recipient: "Single Sign On URL/Destination URL" provided by Alteryx Connect (Admin Console > Connect Configuration > Single Sign On)

SAML Single Logout URL:"Single Logout Endpoint"provided by Alteryx Connect (Admin Console > Connect Configuration > Single Sign On)

LeaveACS URL Validatorblank, when finished, click Save.

7. Under theParameterssection, we will need map the Claims of email, firstName and lastName, select "Include in SAML assertion" when add these parameters. Email (NameID) is a starting Field provide by OneLogin, ignore this.The end result of Parameters is showing as below:

WilliamC_6-1579145201164.png

8. Select the users under Usersection, and click onApplicationson left hand side, add the Alteryx Connect application to the user:

WilliamC_7-1579145427916.png

9. Navigate to Alteryx Connect's Administrator Console > Connect Configuration > Single Sign on, Click + ADD to add the SAML authentication. For Name and Description, you can give any custom values.

10. Under Identity provider details, select the check box of "Upload IDP metadata", and Choose the file download at step 4, and click SAVE

WilliamC_8-1579146074220.png

11. Log out of Alteryx Connect, and in the Log in page, you will see the OneLogin SSO option, click on there, it will navigate to the OneLogin sign in page:

WilliamC_9-1579146292544.png

Once the user have logged in once, the OneLogin method will automatically authenticate the user into Alteryx Connect when the user clicked on the OneLogin option in Connect's login page.

Common Issues

  • The configuration for OneLogin works for Alteryx Connect if the Entity ID is "com.alteryx.saml.localhost"
  • In the earlier version of Alteryx Connect, the Entity ID is "Localhost"

Additional Resources

  • Once the user have logged into Alteryx Connect using OneLogin SSO, the OneLogin administrator can see the sign in entry in Activity > Reports, under Application access

WilliamC_10-1579146849192.png
No ratings