Synchronisation between your portal and your company's Onelogin directory is performed by polling the Onelogin directory periodically for changes. Communication between SafeTitan and Onelogin is handled via the Onelogin API.


Onelogin API acts as a gateway to data held in your Onelogin directory. Applications can communicate using the API by providing API credentials that is generated by Onelogin.


The steps to integrate your portal with Onelogin are detailed below.


Before you run the sync, if you require additional domains to be added to your portal, please contact support and we will add those for you.

Configuration within Onelogin


Within your Onelogin administration portal, you will need to create API credentials that will act as a ID and Secret for SafeTitan to access the Onelogin API and query your Onelogin directory.


  • Log in to your Onelogin administration portal.
  • Once logged in, the Developers -> Api Credentials tab.
  • Click New Credential.


  • Add a name for the permissions
  • Select permission ReadAll 
  • Click save



  • Once created. Select the newly generated API credentials.
  • Make note of the Client ID and Secret.



Configuration within SafeTitan portal



  • Log in to your SafeTitan portal.
  • Select the menu item User Manager -> AD Sync Configuration.



  • In the next screen, select the tab Onelogin Sync.



  • To enable Onelogin synchronisation with the portal, select the checkbox Enable Onelogin Sync


This will result in the form appearing to provide your Onelogin API Credentials (Client ID and Secret) and attribute mapping details. All fields are explained below: 



Field        Description    Mandatory
Client IDThis is the Client ID that was generated in the steps above.Yes
SecretThis is the Secret generated in Onelogin.
First Name attribute mappingThis will be the attribute in your Onelogin directory that contains the users First Name. This will be the unique identifier in the portal.Yes
Last Name attribute mappingThis will be the attribute in your Onelogin directory that contains the users Last Name. This will be the unique identifier in the portal.Yes
Email attribute mappingThis will be the attribute in your Onelogin  directory that contains the users Email address. This will be the unique identifier in the portal.Yes
Department attribute mappingIf applicable, this will be the attribute in your Onelogin directory that contains the users Department.No
Country attribute mappingIf applicable, this will be the attribute in your Onelogin directory that contains the users Country.No
Locale attribute mappingIf applicable, this will be the attribute in your Onelogin  directory that contains the users locale (defaults to en-US).No
Office attribute mappingIf applicable, this will be the attribute in your Onelogin  directory that contains the users Office location.No
Mobile / Cellular phone attribute mappingIf applicable, this will be the attribute in your Onelogin  directory that contains the users mobile phone number.No
External Id attribute mappingIf applicable, this will be the attribute in your Onelogin  directory that contains the users External Id (such as HR ID).
No
Business unit attribute mappingIf applicable, this will be the attribute in your Onelogin  directory that contains the users Business unit.
No



Once you have provided this information, click Save.


Select Test Synchronization Configuration to confirm that the settings you have saved are correct before you trigger synchronization.


Once you are satisfied that your settings are correct and you have saved them, select Trigger Synchronization Now. Note that the length of the synchronization process will vary depending on the traffic in the system as well as the size of the organization; that is, the number of users who are being processed by the system.


You can select View Sync History to see the progress of the synchronization and also to see a list of previously triggered user synchronizations.