The ASP.NET OAuth Single Sign-On (SSO) module lets you enable OAuth
Single Sign-On for your ASP.NET applications. With Single Sign-On you
need only one password to access your ASP.NET application and services.
Our module is compatible with all OAuth-compliant identity providers.
This step-by-step guide configures Single Sign-On (SSO) between ASP.NET
and OneLogin, with OneLogin as the OAuth provider.
Download And Extract Package
- Download the miniOrange ASP.NET OAuth 2.0 Module.
- To set up the connector, extract asp-net-oauth-sso-module.zip. You will
  find a DLL file, miniorange-oauth-sso.dll, a configuration file,
  oauthsso.config, and an integration.md file which contains the steps
  for adding the module to your application.
1. Add the connector in your application
- Add miniorange-oauth-sso.dll to the bin folder of your application
  (where your other DLL files exist).
- Register the miniorangeoauthsso module in your application according
  to the steps provided in the integration.md file.
- Add the provided configuration file oauthsso.config to the root
  directory of your application.
- After integration, open a browser and go to the connector dashboard at
  the URL below:
  https://<your-application-base-url>/?ssoaction=config
- If the registration page or login page appears, you have successfully
  added the miniOrange OAuth SSO connector to your application.
- Register or log in to configure the connector.
2. Setup OneLogin as OAuth Provider
- First of all, go to https://app.onelogin.com/login and log into your
  OneLogin account.
- You will be presented with the following screen. Hover on Applications
  and then click on Applications.
- You will be shown a search list. Search for “OIDC” (OpenID Connect) and
  click on the search result as shown below.
- You will be shown a configuration screen. Fill in the application name
  and other details as required, then click on Save.
- You will be redirected to the app details page. Go to the Configuration
  tab, enter the Redirect URL from the miniOrange ASP.NET OAuth Client and
  click on Save.
- Go to the SSO tab. There you will find the Client ID and Client Secret
  fields, which you will require in Step 3 to configure the miniOrange
  ASP.NET OAuth Client.
1. Assign the users to OneLogin SSO Application:
- Hover on the Users tab and click on the Users option from the menu.
- You will be shown the list of users available on your OneLogin
  platform. Select a user you want to give access to your application.
- Now for that user, go to the Applications tab from the left menu and
  click on the blue + icon to add the application.
- From the drop-down list, select the application for which you want to
  allow SSO for that user and click on Continue.
- Complete the configurations and click on the Save button.
- The application will be listed in the user profile as shown in the
  image below, and this user can now SSO into your WordPress site using
  his OneLogin credentials for this application.
OneLogin Endpoints and Scope:
Client ID: | Click Here |
Client Secret: | Click Here |
Scope: | openid |
Authorize Endpoint: | https://<site-url>.onelogin.com/oidc/auth |
Access Token Endpoint: | https://<site-url>.onelogin.com/oidc/token |
Custom redirect URL after logout [optional]: | https://<api-domain>/api/1/users/:id/logout |
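The authorization request sent to the Authorize Endpoint with the openid scope, and the check applied when OneLogin redirects back to the Redirect URL, shown as an added C# example of the standard OAuth 2.0 authorization code flow (it is not the miniOrange module's code). The class and method names are hypothetical, and `<site-url>` is the placeholder from the table above.

```csharp
using System;
using System.Security.Cryptography;
using System.Web;

// Added illustration of the authorization code flow; not the miniOrange module's code.
public static class OneLoginCodeFlow
{
    // Placeholder from the table above; replace <site-url> with your OneLogin subdomain.
    public const string AuthorizeEndpoint = "https://<site-url>.onelogin.com/oidc/auth";

    // Unguessable per-login value; keep it in the user's server-side session.
    public static string NewState()
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes);
        return BitConverter.ToString(bytes).Replace("-", "");
    }

    // 1. URL the browser is sent to when the user starts SSO.
    //    redirectUri must equal the Redirect URL saved in the OneLogin Configuration tab.
    public static string BuildAuthorizeUrl(string clientId, string redirectUri, string state)
    {
        return AuthorizeEndpoint + "?response_type=code&scope=openid"
            + "&client_id=" + Uri.EscapeDataString(clientId)
            + "&redirect_uri=" + Uri.EscapeDataString(redirectUri)
            + "&state=" + Uri.EscapeDataString(state);
    }

    // 2. OneLogin redirects back to the Redirect URL with ?code=...&state=...
    //    Accept the code only when state equals the value stored in step 1;
    //    a missing or different state means the callback did not come from
    //    a login this session started.
    public static string ValidateCallback(string query, string sessionState)
    {
        var q = HttpUtility.ParseQueryString(query);
        if (q["error"] != null)
            throw new InvalidOperationException("Provider error: " + q["error"]);
        if (string.IsNullOrEmpty(sessionState)
            || !string.Equals(q["state"], sessionState, StringComparison.Ordinal))
            throw new InvalidOperationException("state mismatch, rejecting callback");
        if (string.IsNullOrEmpty(q["code"]))
            throw new InvalidOperationException("authorization code missing");
        return q["code"];
    }
}
```

The returned code is then exchanged at the Access Token Endpoint in a server-to-server request that carries the Client Secret, so the secret never appears in a browser-visible URL.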
3. Configure miniOrange ASP.NET OAuth Client
- After configuring your OAuth Provider, it will provide you with
  Client ID, Client Secret, Authorize Endpoint, Access Token Endpoint
  and Get User Info Endpoint. Configure these values under the
  respective fields.
- Fill in all the required details and click on Save Configuration.
4. Test Configuration
- After saving the configuration, click on the Test Configuration button
  to verify that you have configured it correctly.
- On successful configuration, you will get Attribute Names and Attribute
  Values in the Test Configuration window. The below screenshot shows a
  successful result.
5. Attribute Mapping
- Map the Attribute Names provided by your OAuth Server to your ASP.NET
  application Attributes given under the Attribute Mapping section and
  click on Save Attribute Mapping.
- Note: All the mapped attributes will be stored in the session so that
  you can access them in your application.
6. Integration Code
- You can find the integration code in the Integration Code tab in the
  connector. Just copy-paste that code snippet wherever you want to access
  the user attributes.
7. Add following link in your application for Single Sign-On (SSO)
- Use the following URL as a link in your application from where you want
  to perform SSO:
  http://base-url/?ssoaction=login
- For example, you can use it as:
  <a href="http://base-url/?ssoaction=login">Log in</a>
You can configure the ASP.NET SAML 2.0 Single Sign-On (SSO) module with
any Identity Provider such as
ADFS, Azure AD, Bitium, Centrify, G Suite, JBoss Keycloak, Okta,
OneLogin, Salesforce, AWS Cognito, OpenAM, Oracle, PingFederate,
PingOne, RSA SecureID, Shibboleth-2, Shibboleth-3, SimpleSAML, WSO2 or
even with your own custom identity provider.