Using OneLogin as Sign-in for Blissfully

Setting up OneLogin SSO

This guide requires a user who is both an admin of OneLogin, as well as an admin of Blissfully.

Create New SAML Application

First, create a New Application in OneLogin by selecting "Application" in the dropdown under the "Applications" menu. Search for SAML and select SAML Test Connector (IdP w/attr w/ sign response). Add the application, enable the "Visible in portal" toggle, and click Save.

Info Settings

On the Info settings, enter "Blissfully" as the Display Name, and please feel free to include our logo pre-sized for OneLogin. Click on the Configuration settings on the left navigation bar to proceed.

Configuration Settings

Here, there are two main steps: adding key information provided by Blissfully, and providing Blissfully with OneLogin's metadata and cert file (XML).

In a new window, navigate to Blissfully's SSO Settings page or click here. Select "OneLogin" as your SSO provider, and you'll be provided with three key pieces of information: the Audience URI, ACS (Consumer) URL Validator, and ACS (Consumer) URL. Copy and paste each of those three values into their respective fields back in your OneLogin tab. You can leave all the other inputs as is, and click Save on the top right to continue.

Copy Metadata.xml

The last step in OneLogin is to get the Metadata.xml content from your new application. Click the More Actions dropdown on the top right of the screen and click SAML Metadata to download your metadata file.

After downloading, open the file to view and copy the text and then return to your browser tab with Blissfully SSO Settings, and paste the text content of the file into the Metadata XML area. Click Submit to complete the setup.

Congrats! You've set up OneLogin as the SSO provider for Blissfully. Your users can now login into Blissfully by providing their work email, and we will route to OneLogin for authentication.

Note: Blissfully doesn't currently support SAML IdP logins. Users will need to initiate their OneLogin authentication using their work email address on the Blissfully login page.