FAQs in this section
What is SAML?
What is Single Sign-On or SSO?
Does Vtiger have the provision of SAML-based login?
Which Vtiger editions allow me to log in via SAML?
How can I log in to Vtiger via OneLogin?
Is SAML-based login available in all Vtiger editions?

How can I configure SAML in Vtiger?

To log in via your SAML server, you must add Vtiger as a service in your SAML-based IDP and simultaneously configure SAML in Vtiger.

Since each one of us might use a different IDP, let’s take the example of OneLogin to enable SAML login in Vtiger.

Follow these steps to enable SAML login in Vtiger using OneLogin: 

Step 1: Enable SAML login in Vtiger.

  1. Click the User Menu on the top right corner of the screen.
  2. Click the Settings button.
  3. Look for the User Management section.
  4. Select Authentication.
  5. Click the Edit icon on the Authentication page.
  6. Enable the checkbox beside SAML.
Note: Perform the step above regardless of the IDP that you are using.
 

Step 2: Perform the OneLogin setup.

  1. Log in to OneLogin.
  2. Click the Applications tab.
  3. Select Applications.
  4. Click the Add App button.
  5. Search for SAML Test Connector using the search bar.
  6. Select SAML Test Connector (IdP w/ attr w/ sign response).
  7. Set up a display name, icon, and other basic details. 
  8. Click Save.
 

Step 3: Set up SAML in Vtiger.

Note: Perform the step above regardless of the IDP that you are using.
  1. Click the SSO tab in OneLogin.
  2. Click View Details under X.509 Certificate in OneLogin.
  3. Copy the certificate and paste it into X.509 Certificate in Vtiger.
  4. Copy the following from OneLogin and paste them in Vtiger:
    • Issuer URL into IDP Entity ID
    • SAML 2.0 Endpoint (HTTP) into IDP SSO URL
    • SLO Endpoint (HTTP) into IDP SLO URL
  5. Click Save in Vtiger.
  6. Click the Configuration tab in OneLogin.
  7. Copy the following from Vtiger and paste them in OneLogin:
    • SP ACS URL into ACS (Consumer) URL Validator
    • SP ACS URL into ACS (Consumer) URL
  8. Insert a backslash (\) before each forward-slash (/) in ACS (Consumer) URL Validator to make it a regular expression.
  9. Click Save.

The NameID parameter in OneLogin is used to identify users. Vtiger expects the NameID parameter to be of the type Email and verifies it against the value in the Username field in Settings > Users.

Follow these steps to set the NameID value:

  1. Click the Parameters tab in OneLogin.
  2. Select Email (SAML NameID).
  3. Select Email from the Value dropdown.
Home Privacy Policy Terms of Service Security Center Policy & Legal Center
© Copyright 2021 Vtiger. All rights reserved.
Powered by Vtiger
Facebook Twitter Linkedin Youtube