Contents
Create Acall application in OneLogin Administration
Search for and click "APPS" > "Add Apps" > "SCIM Provisioner with SAML (SCIM v2 Core)."
"Portal" > enter "Acall" in the Display NameName field (can be changed) and click "SAVE."
Customers using multiple Acall environments
Even when using multiple Acall environments, you can utilize the SSO feature by creating one Acall app per Acall environment on OneLogin.
For example, if you are using three Acall environments, such as "Tokyo Office," "Osaka Office," and "Group Company," you would create three corresponding Acall apps on OneLogin.
Acall application settings
Configuration ⇒ Application Details
Item | Value |
---|---|
SAML Audience URL | https://api.acall.jp |
SAML Consumer URL | https://api.acall.jp/auth/saml/callback |
💡 Note:
Customers using multiple Acall environments, please append a suitable string to the SAML Audience URL when setting it.
Example:https://api.acall.jp/2
In the later steps, the URL will be replaced to the one specified by Acall.
Configuration ⇒ API Connection
Item | Value |
---|---|
API Status | ENABLE |
SCIM Base URL | https://api.acall.jp/scim |
SCIM JSON Template | (Please see next section) |
SCIM Bearer Token | (Provided by Acall) |
Parameters ⇒ SCIM Provisioner with SAML (SCIM v2) Field
Item | Value |
---|---|
SCIM Username |
Adjust the SCIM JSON Template to send the following parameters.
{
"schemas": [
"urn:scim:schemas:core:1.0",
"urn:scim:my:custom:schema"
],
"userName": String, # E-mail ※ ( "{$user.email}" )
"externalId": String, # External ID ※ (Unique and unchanged; onelogin_id is recommended.)
"name": {
"givenName": String, # Family name ※ ( "{$user.firstname}" )
"familyName": String # Given name ※ ( "{$user.lastname}" )
},
"displayName": String, # Display name ※ ( "{$user.name}" )
"active": Boolean, # Active/Resigned ※ ( "{$user.status}" )
"roles": [
{
"primary": "true",
"value": String # Permission ※ Adjust the rules to output a text string "admin" or "general".
}
],
"phoneNumbers": [
{
"type": "mobile",
"value": String # SMS phone number
},
{
"type": "work",
"value": String # Extension phone number
},
{
"type": "sms",
"value": String # Voice call phone number
}
],
"accounts": [
{
"type": "google",
"value": String # G-Suite account
},
{
"type": "slack",
"value": String # Slack user id ※ Slack account email
}
]
}
Send information to Acall
Please contact Acall via contact form with your desired setup time/date (weekdays (excluding our holidays) 10:00 ~ 16:00 JST) and the following information.
Please allow 3 business days from the date of request for setup.
SSO
- Fingerprint ( "X.509 Certificate" ⇒ "View Details" ⇒ "Fingerprint" )
- SAML 2.0 Endpoint (HTTP)
- SLO Endpoint (HTTP)
Note:
Customers using multiple Acall environments, please provide the information for all the apps you have created.
Complete the SSO Setup
Replace the SAML Consumer URL
Enter the value provided by Acall in the [SAML Consumer URL].
Note:
For customers using multiple Acall environments, we will provide information for each app you have created.
In addition to the "SAML Consumer URL," we will also provide the value for the "SAML Audience URL." Please make sure to configure both accordingly.
Start provisioning
1. Enter the value provided by Acall in the SCIM Bearer Token in the Configuration menu.
2. Check "Enable provisioning" in the provisioning menu.
3. Assign users to be provisioned in the Users menu and start provisioning
Log in to Acall
After logging into OneLogin, select "Acall" at the top of the portal screen.
Comments
0 comments
Article is closed for comments.