Axero supports OneLogin integration for single sign-on (SSO). This page covers how to configure OneLogin SSO on your intranet and provides solutions to common issues.
Once OneLogin SSO is set up on your Axero intranet, users will be redirected to the OneLogin login page.
To allow users to log in using Axero credentials, set System Properties > EnableAutoLoginViaSaml to false. Users will see the Axero login page when this is set to false. They can log in with Axero credentials or click Login via SAML to use OneLogin credentials.
In the mobile app, users will be redirected to the OneLogin login page after entering the intranet site URL.
To allow users to log in using Axero credentials in the mobile app, set System Properties > EnableAutoLoginViaSaml to false. Users will then see the Axero login page. They can log in with Axero credentials or click SSO Login to use OneLogin credentials.
A user is created in Axero when they log into your intranet for the first time. You can add users to Axero before they log in using the methods below:
1. Bulk Import Users
Pre-populate users with Bulk Import Users before setting up OneLogin. The Axero usernames you create must match the usernames in OneLogin.
2. Manually Add Users
Add users in Control Panel > People > Manage People > Add User. The Axero username must match the username in OneLogin.
3. REST API Import
Use our REST API to import users: REST API: Add User, REST API: Update User Profile Fields.
Adding Axero Administrator Accounts
If Axero administrator accounts are created before OneLogin setup and the usernames match OneLogin usernames, the accounts will sync. If not, reconfigure permissions for the OneLogin accounts and remove the previous Axero administrator accounts.
Any data can be imported from OneLogin if there are corresponding User Profile Fields in Axero. Add attribute mappings to Control Panel > System > Single Sign-On > Data Mapping > SAML. Enter the attribute name as the property name in Axero. See the table below for common fields to import.
* The country code in OneLogin must match country options in Axero exactly.
You can also use our REST API to import user data into Axero.
User data is updated in Axero every time a user logs in.
Email and Username Change
When a user's email is changed in OneLogin, their Axero email will be updated the next time they log in. The Axero username won't be changed and must be updated manually by a site administrator.
When a user's assignment is removed in OneLogin, the user will be blocked from logging into Axero using OneLogin.
The user's account will still be active in Axero. You can Delete User and their content or reassign their content to another user or the system anonymous user. You can also Ban User, which will retain their content.
This guide walks you through enabling OneLogin SSO in Axero. Client-side setup takes 1-2 hours, and Axero team setup takes 1-2 hours. The total time to set up SSO is 1-2 business days from when a case is opened.
Once you complete the setup guide, OneLogin SSO will be active on your intranet.
Enter Application details:
SAML Audience URL: https://<domain_name>. Example https://yourintranet.communifire.com
SAML Consumer URL: https://<domain_name>/SAML/AssertionConsumerService.aspx. This should be the same domain you used for SAML Audience URL.
Under API Connection for SCIM Base URL type https://<domain_name/api/scim/v2>. Example https://yourintranet.communifire.com/api/scim/v2
Convert the .PEM file into .CER file
Suggestion: Use OpenSSL to convert .pem to .CER file.
After installing OpenSSL, go to the folder that contains the .PEM file. To convert the file, open a command line and use the command: openssl x509 -inform PEM -in onelogin.pem -outform DER -out yourfile.cer
On the command prompt use the command: openssl x509 -inform PEM -in onelogin.pem -outform DER -out yourfile.cer
onelogin.pem – the X.509 Certificate file you download.
yourfile.cer – the converted file.
Enter the following information:
Expand the SCIM User Provisioning section.
Copy the Bearer token:
Go back to OneLogin, scroll to the bottom of the Configuration page, and find the SCIM Bearer Token. Paste the Bearer Token you just copied from Axero.
Click Provisioning and under Workflow check Enable Provisioning and click Save.
Add parameters as shown
Email should be added to the parameters.
To configure provisioning, see OneLogin SCIM Configuration Guide
For more information or assistance from the Axero team, submit a private case.
is requesting access to a wiki that you have locked: https://my.axerosolutions.com/spaces/5/communifire-documentation/wiki/view/86759/onelogin-sso?locale=en-US%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252f1%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252f1%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252f1%252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252f1
Your session has expired. You are being logged out.