This section is only meant for DataCamp Enterprise administrators that are setting up SSO with OneLogin as their IDP. Only proceed if you have read and understood our SSO documentation.
OneLogin Configuration Instructions
Create an application in OneLogin
-
Go to “Apps” and “Add an app”
-
Search for “SAML Custom Connector (Advanced)”
-
Set the display name to “DataCamp” and upload a logo (you can find the DataCamp logo HERE)
-
Click “Save”
Configure your application in OneLogin
-
Under the "Configuration" tab, add the "Entity ID/SAML Audience" URL from DataCamp into the "Audience" field of OneLogin.
-
Under the "Configuration" tab, add the "Recipient/Assertion Consumer" URL from DataCamp into the "Recipient" field of OneLogin.
-
Under the “Configuration” tab, add the “Recipient / Assertion Consumer” URL from DataCamp in the “ACS (Consumer) URL” field of OneLogin.
-
Under Consumer URL Validator:
-
As an example, consider this ACS (Consumer) URL: https://datacamp.com/groups/{example}/sso/saml/consume
-
A secure ACS (Consumer) URL Validator regular expression would be: ^https:\/\/datacamp\.com\/groups\/{example}\/sso\/saml\/consume$
-
-
Under the “Parameters” tab, add the following fields:
-
Under “Field name”, enter email and check the “Include in SAML assertion flag”, after saving select “Email” in the dropdown list
-
Under “Field name”, enter firstName and check the “Include in SAML assertion flag”, after saving select “First Name” in the dropdown list
-
Under “Field name”, enter lastName and check the “Include in SAML assertion flag”, after saving select “Last Name” in the dropdown list
-
-
Save your changes.
-
Navigate to the “SSO” tab in your OneLogin application settings:
-
Copy the Issuer URL and paste into DataCamp in the Entity ID / Issuer URL field
-
Copy the SAML 2.0 Endpoint and paste into DataCamp in the Login URL / SSO Endpoint field
-
Click on the x.509 Certification and “View Details”. Copy and paste the entire certificate and paste it into DataCamp under the IdP Certificate field.
-
-
Assign members to your new application in DataCamp:
-
Members will need to be assigned to the application in Onelogin to access DataCamp.
-
Important: Be sure to assign yourself to the application so that you can access the settings once SSO has been enabled.
-
-
Warning! If you’ve selected “Require SSO login from all members and admins” in your DataCamp SSO settings page, the final steps below will log you out of DataCamp and you will need to sign into DataCamp using your IdP credentials.
Confirm the information has been added in DataCamp under your SSO settings tab and click “Enable SSO”.