Skip to main content

Add OneLogin as an identity provider

Use OneLogin to give your organization users single sign-on (SSO) access to Aiven.

Prerequisite steps in Aiven Console

Add OneLogin as an identity provider in the Console.

Configure SAML on OneLogin

  1. Log in to the OneLogin Admin console.

  2. Select Applications and click Add App.

  3. Search for SAML Custom Connector (Advanced) and select it.

  4. Change the Display Name to Aiven.

  5. Add any other visual configurations you want and click Save.

  6. In the Configuration section of the menu, set the following parameters:

    ACS URL Validation[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)
    ACS URLACS URL from Aiven Console
    Login URL
    SAML InitiatorService Provider (or OneLogin if your users will sign in through OneLogin)
    SAML nameID formatEmail
  7. Click Save.

  8. In the SSO section of the menu, set SAML Signature Algorithm to SHA-256.

  9. Copy the certificate content, Issuer URL and SAML 2.0 Endpoint (HTTP). These are needed for the SAML configuration in Aiven Console.

  10. Click Save

  11. Assign users to this application.

Finish the configuration in Aiven

Go back to the Aiven Console to configure the IdP and complete the setup.


If you are getting errors, try this:

  1. Go to the app in OneLogin and click Settings.
  2. Under More Actions, select Reapply entitlement Mappings.

If you continue to have issues, you can use the SAML Tracer browser extension to check the process step by step.