Skip to main content
Configure SSO for your Yasu workspace using OneLogin as your identity provider.
Before starting, complete the generic SSO setup prerequisites and have the SAML configuration values from Yasu’s SSO page ready.
1

Create a SAML application

  1. Sign in to the OneLogin Admin Portal
  2. Go to ApplicationsApplicationsAdd App
  3. Search for SAML Custom Connector (Advanced) and select it
  4. Name the application (e.g., “Yasu”) and click Save
2

Configure SAML connection settings

  1. Go to the Configuration tab
  2. Set the following fields:
    • Audience (EntityID) → paste the Entity ID from Yasu’s SSO page
    • ACS (Consumer) URL Validator → paste the ACS URL from Yasu’s SSO page (escape dots with \.)
    • ACS (Consumer) URL → paste the ACS URL from Yasu’s SSO page
  3. SAML nameID format → select Email
  4. Click Save
3

Configure attribute mappings (parameters)

Go to the Parameters tab and add the following fields (click the + to add each):
Field nameValueInclude in SAML assertion
emailEmail
nameFirst Name + Last Name
displayNameUser.DisplayName
memberOfMemberOf
The memberOf parameter sends group memberships in the SAML assertion. This is required if you want to use role mapping. Ensure that the users are assigned to the relevant groups in OneLogin under UsersGroups.
Click Save after adding all parameters.
4

Download metadata and configure Yasu

  1. Go to the More Actions dropdown (top-right) → SAML Metadata
  2. This downloads the metadata XML file
  3. In Yasu, go to IntegrationsSSO Configuration and click Configure SSO
  4. Select OneLogin as the identity provider
  5. Enter your company domain
  6. Paste or upload the metadata XML
  7. Click Add Domain
5

Assign users to the application

  1. Go to the Users tab of the OneLogin application
  2. Use Roles or individual assignment to grant access:
    • Via Roles: Go to UsersRoles, create or edit a role, and add the Yasu app to it
    • Via Users: Go to UsersUsers, select a user, go to Applications, and click + to assign the Yasu app
  3. Click Save
Assigned users can now sign in to Yasu via SSO. New users will be automatically provisioned via JIT provisioning.

Attribute Mapping Reference

When configuring attribute mapping in Yasu for OneLogin, use these values:
Yasu fieldOneLogin attribute
Name attributeUser.DisplayName
Picture attributeUser.PhotoURL
Groups/role attributememberOf
These are auto-configured when you select OneLogin as the identity provider during setup.