Let Oomnitza be your single source of truth!
You'll get visibility of your users as data from OneLogin is automatically transformed into consumable information and actionable insights.
Connect Oomnitza and OneLogin in minutes
You'll get visibility of your OneLogin users by creating configurable workflows to automate tasks such as:
-
- Onboarding and offboarding users.
- Retrieving SaaS user roles.
- Managing a user status, locking and logging out users as part of an offboarding workflow.
- Creating and adjusting users as part of a user change or user onboarding workflow.
OneLogin Set User Status State
Before you start
Before you create workflows, you need to have added your OneLogin credentials to Oomnitza. Follow the steps in Adding your OneLogin credentials to Oomnitza.
Creating workflows
Create user workflows
To create a user workflow, you must complete these steps:
- Click Configuration > Workflows
- Click Add (+).
- Use search to find and select the Users object.
- and select People from the list.
- Drag and drop the API block onto the Sandbox.
- Click Edit on the API block and enter OneLogin in the search field.
- Select a preset:
- Enter the credentials you created in Adding your OneLogin credentials to Oomnitza.
- Select Advanced Mode.
- Select the Information tab. Review and ensure that the properties referenced in this location, such as
{{onelogin_user_id}}and the{{region}}exists in Oomnitza and is populated with information before you run this workflow. You can create a user integration to retrieve the OneLogin User ID before you run this workflow. -
Select the Response tab. You can access the complete response by inserting
{{response}}in the Response field, and then selecting the Oomnitza field or variable that you want to map to. See Mapping positive and negative responses. - Click Save and connect the blocks
-
Edit the Begin block.
- From the Actions dropdown, select when your workflow is triggered. You can trigger workflows to run when a new record is added and when a record is edited or archived. You can also configure the schedule to run at a specific time by selecting Schedule.
- Optional. In the Rule criteria section, you can add a rule to trigger the workflow. For example, the Status is set to Active, or the Email address is helen.troy@oomnitza.com.
- Validate the workflow and Activate it so that the workflow is live in your system.
Fig: Mapping the Get User Details response
Using the OneLogin Set User Status State preset
The Set User Status State preset enables you to update the state of a OneLogin user, by User ID.
The User ID and Region is referenced in the Advanced Mode > Information tab in the property {{onelogin_user_id}}{{region}}.
Valid values for the user state include:
- 0: Unapproved
- 1: Approved
- 2: Rejected
- 3: Unlicensed
For further information, refer to the OneLogin API Documentation: Set User State
Using the OneLogin Lock User Account preset
The Lock User Account preset can be used to lock a user’s account based on the policy assigned to the user, for a specific time you define in the request, or until you unlock it.
Set to the number of minutes for which you want to lock the user account.
- Set to
0if you want to lock the user account based on the Lock effective period (the period of time that a user's lockout period lasts) which is set in the policy assigned to the user. - If no policy is assigned to the user, setting this value to
0will lock the user’s account until you unlock it.
Note
If you do have a lock policy, the value can not be less time that the Lock effective period specified on a user policy.
The User ID and Region is referenced in the Advanced Mode > Information tab in the property {{onelogin_user_id}}{{region}}.
For further information, refer to the OneLogin API Documentation: Lock User Account
Using the OneLogin Log Out User preset
The Log out User preset terminates a user's OneLogin session. They will no longer be able to access to the OneLogin portal or initiate new SAML or OpenId Connect Single Sign-On flows. It won’t end the session in 3rd party applications that had been previously accessed via SSO.
The User ID and Region is referenced in the Advanced Mode > Information tab in the property {{onelogin_user_id}}{{region}}.
For further information, refer to the OneLogin API Documentation: Log User Out
Using the OneLogin Update User Details preset
The Update User preset updates a user, by User ID.
To refer to existing Oomnitza fields rather than entering the information manually, enter the field names in curly brackets, for example {{first_name}}{{email}}
The User ID and Region is referenced in the Advanced Mode > Information tab in the property {{onelogin_user_id}}{{region}}.
Did you know?
You can add additional user fields in the Advanced Mode > Params tab. For further information, refer to the OneLogin API Documentation: Update User by ID
Using the OneLogin Get User Details preset
The Get User Details preset retrieves a user's details, by User ID.
The User ID and Region is referenced in the Advanced Mode > Information tab in the property {{onelogin_user_id}}{{region}}.
For further information, refer to the OneLogin API Documentation: Get User by ID
Using the OneLogin Create User preset
The Create New User preset creates a new user in the OneLogin system.
To refer to existing Oomnitza fields rather than entering the information manually, enter the field names in curly brackets, for example {{first_name}}{{email}}
The Region is referenced in the Advanced Mode > Information tab in the property {{region}}.
Did you know?
You can add additional user fields in the Advanced Mode > Params tab. For further information, refer to the OneLogin API Documentation: Create User
Using the OneLogin Delete User preset
The Deleter User preset enables you to delete a OneLogin user, by User ID.
The User ID and Region is referenced in the Advanced Mode > Information tab in the property {{onelogin_user_id}}{{region}}.
For further information, refer to the OneLogin API Documentation: Delete User by ID
Reference articles for workflows
Creating Saas User workflows
Complete the following steps to configure the SaaS User Role block for OneLogin. Configuration of this SaaS User Role block will allow you to capture the OneLogin "User Role" in Oomnitza.
Prerequisites
Before you create a SaaS user workflow, you should have already run your extended user integration and selected User plus SaaS User to populate the OneLogin software entry in the Software > SaaS menu.
To create a Saas User workflow using the OneLogin User Role preset, complete the following steps:
- Click Configuration > Workflows > Saas Users from the menu.
- Click Add (+). The Begin and End blocks are automatically added to the sandbox.
- Enter the name and a description of the workflow.
- Edit the Begin block by adding the rules that will trigger the workflow. For further information see SaaS User Roles.
- Click the Blocks tab, and drag and drop the SaaS User Role retrieval block onto the canvas.
- Click the Edit icon.
- Enter OneLogin in the search field and choose the OneLogin User Role preset
- Click the right arrow >.
- Enter your Credentials.
- Supply your region, which can either be us or eu.
- Select the Deactivate User checkbox to deactivate the SaaS user in SaaS > OneLogin > Users if they are not found in your OneLogin instance.
- Click SAVE.
- Connect the blocks.
- Save, validate, and activate your workflow.
To view active OneLogin users in the SaaS Users UI, complete the following steps:
- Click Software from the menu.
- Select the SaaS tab, and select your software entry for OneLogin.
- Click Users in the side pane.
- The Role column will be populated with the user information to confirm that this user has been found in your OneLogin SaaS.
Comments
0 comments
Please sign in to leave a comment.