Custom Authentication with OneLogin enables SAML-based single sign-on (SSO) from OneLogin to Zoho One. With SSO, you and your employees can sign in to OneLogin and access Zoho One directly, without having to sign in to Zoho One.
To set up custom authentication with OneLogin:
- Sign in to OneLogin's admin console.
- Click Applications, then Add App.
- Search for 'SAML Test Connector'.
- Choose SAML Test Connector (IdP w/ attr w/ sign response).
- Enter "Zoho One" under display name. Upload logos if needed.
- Click Save.
- Go to the SSO tab, then copy the SAML 2.0 Endpoint (HTTP) and the SLO Endpoint (HTTP). Under X.509 Certificate, click View details, then download the X.509 PEM file.
- Go to the Configuration tab then enter the following details:
- RelayState: Enter "https://one.zoho.com/".
- Audience: Enter "https://accounts.zoho.com/".
- Recipient: Enter the ACS URL found in Zoho One's Custom Authentication page.
- ACS (Consumer) URL Validator: Enter the ACS URL found in Zoho One's Custom Authentication page.
- ACS (Consumer) URL: Enter the ACS URL found in Zoho One's Custom Authentication page.
- Single Logout URL: Enter "https://accounts.zoho.com/logout/samlsp/<ZOID>".
Note: <ZOID> is the last part of your ACS URL.
- Click Save.
- Use the details from Step 7 to set up SAML in Zoho One.
- Enter SAML 2.0 Endpoint (HTTP) under Sign-in URL.
- Enter SLO Endpoint (HTTP) under Sign-out URL.
- Upload the X.509 PEM file under Verification Certificate.