OneLogin SAML with Looker


(sam) #1

This is a companion guide for the SAML setup doc that walks through the steps to take on the OneLogin side. This assumes that you already have a OneLogin account, and that SAML is enabled on your Looker instance.

If you don’t see SAML in the Admin menu of your Looker instance, email support@looker.com with the last four characters of your license key. This can be found on the main Admin > General page.

Part 1: Add the App in OneLogin

  1. Click “Add Apps” from any page in OneLogin.
  2. Search for the Looker app. Make sure to choose the “SAML 2.0” option.
  3. This will bring you to the Configuration page. You can save the default name and logos.
  4. On the “Configuration” tab, write in your Looker URL.

Part 2: Add the OneLogin Info to Looker

  1. In OneLogin, go to the “SSO” tab and copy the “Issuer URL”.
  2. Go to the Admin > SAML section of your Looker instance and paste that URL into the “IdP Metadata” section. Then click Load.
  3. This should populate the rest of the fields! Now you can “Test Authentication” and make sure it works.

That’s all! From there, you can refer back to our SAML doc on how to set up Group to Role Mapping, Merging, and Alternate Login.


#2

This is slightly out of date now. In the Looker Domain field type in the host only, not the full URL. Looks like OneLogin now automatically appends https:\\ to the beginning and samlcallback to the end so localhost:9999 will be enough