Skip to content
  • Home
  • Developers
  • API
  • Releases
  • Community
  • University
  • Status
  • Home
  • Developers
  • API
  • Releases
  • Community
  • University
  • Status
Home Administration Secure Access Single Sign-on: OneLogin
Getting Started Session Replay Data Management Data Types Charts Chart Examples Dashboard Templates Analysis Guides Administration Integrations Heap Connect Data Privacy

Table of Contents

Was this article helpful?

Yes No

Thank you for your feedback!

Single Sign-on: OneLogin

In this article you'll learn:

  • Complete steps for setting up OneLogin single sign-on for Heap
This doc is for: Admins

Overview

Security Best Practice

If you use SSO, we strongly recommend that you set up mandatory 2FA for all Heap admins.

To learn more, see enabling mandatory 2FA for your Heap domain.

OneLogin SSO allows you to manage access to Heap using a secure and scalable identity management system. Integrating with OneLogin means you can provide your teammates with an easy sign-in with no extra passwords needed.

Prerequisites

To set up OneLogin SSO with Heap, you’ll need to have the following:

  • Admin access to your organization’s Heap account
  • Administrator rights in your organization’s OneLogin account

Setup

Note that once SSO is enabled, it will be enforced as mandatory for all non-Admins in your Heap workspace.

To set up OneLogin with Heap, complete these steps:

1. Navigate to the Applications > Applications section of your OneLogin administrator dashboard

2. Click the Add App button

3. Search for and choose Heap and click Save

4. In Heap, navigate to Account > Manage > Account settings

5. Copy the App ID from the Single Sign-On section and paste it into OneLogin’s configuration tab and click Save

6. Enable the API

7. Switch to the SSO tab and copy the SAML 2.0 Endpoint (HTTP) URL, then paste it into the Remote login URL field in Heap

8. Click View Details for the X.509 Certificate and copy the entire certificate into Heap into the text box labeled Your SAML Identity Provider certificate. This must include the ‘—–BEGIN CERTIFICATE—–‘ and ‘—–END CERTIFICATE —–‘

The General Settings page in Heap with an arrow pointed at the 'Your SAML Identity Provider certificate' field

9. Back in Heap, click on Save Configuration then Test Provider – if everything is working properly, this should redirect you back to Heap!

10. Last but not least, click Enable Provider, then add additional teammates as needed

Once configured, your teammates can select Sign-in with SSO on the Heap login page and log in using their email address only.

Was this article helpful?

Yes No

Thank you for your feedback!

Last updated June 28, 2023.

OneLoginsingle sign-onSSO
  • Blog
  • Partners
  • Legal
  • Security
  • Terms
  • About
  • Careers
  • Privacy
  • Contact Us

© 2023 Heap, Inc.