This article applies to:
Admins
Premium Procurement
Estimated time: Less than 15 mins
About this article
Enable your employees to sign in to Vendr using Single Sign-On (SSO). This article covers creating a SAML integration and connecting your SSO provider to Vendr.
How it works
When you use the OneLogin SSO SAML integration employees will be prompted to log in to Vendr using single-sign-on through OneLogin instead of magic links. SAML provides a quick and secure method of passing user authentications and authorizations between your identity provider and Vendr.
Important Note:
We do not support multi-domain access to the Vendr app. All users must have an email that matches the domain in your Vendr Instance. Contact support with questions.
Benefits
Increase security by centralizing user access to Vendr through your SSO provider
Provide a quick and seamless way for employees to log into Vendr β no magic links required.
Requirements
Vendr Admin
OneLogin Admin
Note
Installing the OneLogin SSO integration does not sync users to Vendr for assigning steps in workflows. To sync users to Vendr you'll also need to configure an Identity Provider or HRIS integration.
Overview
To allow employees to log in to Vendr using your SSO provider, you will:
Create SAML Application
To kick this off, we'll begin OneLogin's admin area.
Create New SAML Application, First, create a New Application in OneLogin by selecting "Application" in the dropdown under the "Applications" menu.
Search for SAML and select SAML Advanced Connector. Add the application, enable the "Visible in portal" toggle, and click Save.
Info Settings - On the Info settings, enter "Vendr" as the Display Name, and please feel free to include our logo pre-sized for OneLogin.
Click on the Configuration settings on the left navigation bar to proceed.
Configuration Settings - Here, there are two main steps:
Adding key information provided by Vendr
Providing Vendr with OneLogin's metadata and cert file (XML).
In a new window, navigate to Vendr's SSO Settings page.
Select "OneLogin" as your SSO provider, and you'll be provided with four key pieces of information:
Audience URI
Recipient
ACS (Consumer) URL Validator
ACS (Consumer) URL
Copy and paste each of those four values into their respective fields back in your OneLogin tab. You can leave all the other inputs as is, and click Save on the top right to continue.
Copy Metadata.xml - The last step in OneLogin is to get the
Metadata.xml
content from your new application.Click the More Actions dropdown on the top right of the screen and click SAML Metadata to download your metadata file.
After downloading, open the file to view and copy the text.
Enable SSO in Vendr
Navigate to Vendr and select admin and then SSO
Select OneLogin as the SSO Provider
Upload the downloaded metadata file from the previous step to Metadata XML field
Click Submit
π Congrats! Your integration is now connected.
TIP
Vendr doesn't automatically support IdP-initiated logins. Users will be prompted to log in through OneLogin when users log in directly from Vendr.
To enable users to login to Vendr directly from the OneLogin dashboard add the following URL as an application bookmark:
https://app.vendr.com/#/login?via=saml&domain=YOUR_DOMAIN