Integrate OneLogin SSO

Want your team to access Tallyfy with their OneLogin credentials? You’ll set up SAML-based Single Sign-On (SSO) to handle authentication automatically. Takes about 30 minutes.

• OneLogin administrator account
• Tallyfy Professional or Enterprise plan
• SAML configuration values from Tallyfy Support

Here’s what you’ll do:

1. Create a OneLogin SAML application connector
2. Configure SAML settings in both systems
3. Enable and test the SSO integration

This diagram shows the complete OneLogin-Tallyfy SAML setup and authentication flow.

• Configuration requires exchanging metadata between OneLogin and Tallyfy Support
• Users access through a special SSO URL after setup is complete
• New users are automatically provisioned on first login

1. Sign in to your OneLogin portal

2. Open the Administration menu

3. Navigate to Applications > Applications

4. Click Add App

   

1. Search for “SAML Test Connector”

2. Select SAML Test Connector (Advanced)

3. Edit the Display Name to “Tallyfy”

4. Click Save

   

You’ll need Tallyfy’s default SAML values to configure OneLogin properly:

1. Contact Tallyfy Support to access your organization’s profile

2. Navigate to the Org Settings tab

3. Click Add Configuration Details

4. Locate the default SAML values section

   

1. Navigate to the Configuration tab in your OneLogin application connector.

2. Enter the Tallyfy SP ACS URL into the ACS (Consumer) URL field.

3. Enter the same URL into the Recipient field.

4. Enter the Tallyfy SP Entity ID into the Audience (EntityID) field.

5. Enter the ACS URL again into the ACS (Consumer) URL Validator field.

6. Click Save.

   

1. Navigate to the Parameters tab in your OneLogin application.
2. Add the three parameters detailed below.

Add these three parameters - and don’t forget to check the Include in SAML assertion box for each one:

Here’s how to add each parameter:

1. Click the + button in the top-right corner of the parameters table.

2. Enter the parameter name (e.g., “Email”) and map it to the corresponding user attribute (Value field).

3. Check the Include in SAML assertion box.

4. Click Save.

   

1. Navigate to the Access tab in your OneLogin application

2. Configure user access by selecting appropriate roles or users

3. In this example, we’re using the Default role to grant access

4. Click Save

   

1. Navigate to the SSO tab in your OneLogin application.

   

2. Note the SAML 2.0 Endpoint (HTTP).

3. Note the Issuer URL.

4. Note or download the X.509 Certificate.

1. Send the SAML 2.0 Endpoint (HTTP) to Tallyfy Support.

2. Send the Issuer URL to Tallyfy Support.

3. Send the X.509 Certificate to Tallyfy Support.

4. Tallyfy Support will configure these values in your organization’s SAML settings.

   

Once Tallyfy Support confirms they’ve configured your SAML settings, it’s time to flip the switch:

1. Toggle the SAML activation switch to enable SSO for your organization

   

After you’ve completed the integration:

1. Get the Tallyfy login URL from the SAML configuration modal (Tallyfy Support provides this)

2. Share this URL with your team members who have access to the OneLogin application

   

When users access Tallyfy through this URL:

• Existing Tallyfy users get in immediately with automatic authentication
• New users? They’re provisioned in Tallyfy on their first login (yes, it’s that simple)

Running into authentication issues? Check these common culprits:

• Make sure the user has been assigned to the OneLogin application
• Double-check parameter mappings are configured with exact names - even a tiny typo breaks everything
• Verify the required attribute flags are enabled
• Confirm users are using the SSO URL (not the regular Tallyfy login page)
• Still stuck? Contact Tallyfy Support for help