Hubspot Single Sign-On (SSO) using OneLogin as Identity Provider
Hubspot Single Sign-On (SSO) using OneLogin as Identity Provider
miniOrange Hubspot OAuth Single Sign-On (SSO) application enables secure login into Hubspot CMS landing pages, blogs and other pages using OneLogin as OAuth provider. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, etc.
Here we will go through a guide to configure SSO between Hubspot and OneLogin . By the end of this guide, users should be able to login to Hubspot from OneLogin . To know more about miniOrange Hubspot OAuth Single Sign-On and other Hubspot Integrations, you can click here.
Feel free to contact us at hubspotsupport@xecurify.com to know more about how to install the miniOrange Hubspot OAuth Single Sign-On app.
Download And Installation
- Log into your Hubspot account as an admin.
- Click here to install miniOrange Hubspot OAuth Single Sign-On (SSO) app.
Steps to configure Hubspot Single Sign-On (SSO) Login with OneLogin as Identity Provider
1. Setup OneLogin as OAuth Provider
- First of all, go to https://app.onelogin.com/login and log into your Onelogin account.
- Click on the Administration.
- You will be presented with following screen. Hover on Applications and then click on Applications.
- Click on Add App Button.
- You will be shown a search list. Search for “OIDC” (OpenID Connect) and click on the search result as shown below.
- You will be shown a configuration screen. Fill the application name and other details as required, then click on Save.
- You will be redirected to the app details page. Go to Configuration tab and enter Redirect URI from miniOrange Single Sign-On (SSO ) app and click on Save.
- Go to SSO tab. There you will find the Client ID and Client Secret fields.Copy these credentials in miniOrange Single Sign-On (SSO ) app configuration on corresponding fields.
Step 1.1: Assign the users to OneLogin SSO Application:
- Hover on the Users tab and click on the Users option from the menu.
- You will be shown the users list available on your onelogin platform. Select a user you want to give access to your application.
- Now for that user, go to the Applications tab from the left menu and click on blue + icon to add the application.
- Select the application from the drop down list for which you want to allow SSO for that user and click on Continue.
- Complete the configurations and click on the Save button. After save the application will be listed in the user profile,now this user can SSO into your hubspot site using his OneLogin credentials for this application.
2. Setup Hubspot as OAuth Client
- Install the miniOrange Single Sign-On (SSO) app on your hubspot account and Click on Connect App.
- You will see the following screen where you need to fill in the Client ID, Client Secret scope and the Endpoint URLs in the
(Refer to the below table). Also enable the Send in Header parameter option.
Client ID Click Here Client Secret Click Here Scope openid email profile Authorize Endpoint: https://OneLogin-app-domain/oidc/2/auth Access Token Endpoint: https://OneLogin-app-domain/oidc/2/token Get User Info Endpoint: https://OneLogin-app-domain/oidc/2/me - Click on Save button and then Test Configuration.
- After successful login, you will see all the values returned by your OneLogin to Hubspot in a table.
- Restricting access to your HubSpot website can help to protect your pages from unauthorized access. By restricting access, you can ensure that only authorized users can view and interact with your pages. This can be useful for protecting sensitive information. This will allow you to restrict access to your hubspot pages / content as visitors will be needed to login first and then they will be able to access the hubspot page. This will also help you to track your vistors and also generate potential leads.
- Now go to you Hubspot dashboard and Click on CMS HUB Free -> Marketing ->Website and choose Website Page or Blog. We have chosen Website Pages for this tutorial.
- Select the page on which you want to enable (Forced Authentication or SSO) and click the Edit button. Here we have seleceted and HomePage.
- Goto Settings tab and scroll down to Advanced Settings. Copy the script that you see in Step 6 and paste it inside the HTML section of Advanced Settings and click Publish button.
- Now, if you go to the page in which you included the script, you will see the following screen and required to put in Login Credentials of your Identity Provider.
- Fill in the login credentials and click Login, you will be redirected to the website page successfully.
Restrict public access to Hubspot website/ pages/ content (Landing Page or Blog)
Congratulations! You have successfully integrated OneLogin with Hubspot to enable OneLogin users to see your Hubspot content.
Track your visitors (Contact Sync)
- After a user logs in through the Single Sign-On feature, a contact will be created which includes his details that are received from the OneLogin (Identity Provider) for the particular user.
- This can be very useful for generating leads, as it allows you to quickly and easily add new contacts to your HubSpot marketing and sales pipelines. By using contact sync, you can ensure that your HubSpot account is always up-to-date with the latest information about your leads and customers (site visitors), which can help you to more effectively target your marketing efforts and generate more qualified leads.
Additional Resources
- Hubspot Single Sign-On (SSO)
- Wordpress Hubspot Single Sign-On(SSO)
- AWS Cognito Hubspot Single Sign-On(SSO)
- Hubspot Security and API Integration
Need Help?
Mail us on hubspotsupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.