For enterprise customers, minware supports integration with SAML identity providers. minware uses
Auth0 for authentication, which supports all identity providers (IdPs) that conform to the SAML
1.1. or SAML 2.0 protocol. See more specific instructions below:
Follow these instructions to configure OneLogin as an identity provider for minware.
Step 1: Add Application
Navigate to your onelogin account at https://<domain>.onelogin.com/admin2
From the menu select Applications -> Applications
Select Add App
Search for “SAML Custom”
Select “SAML Custom Connector (Advanced)”
Step 2: Set Info
Set a display name for this application, like “minware”
Uncheck “Visible in portal”
Step 3: Set Configuration
Select the Application you just created above
Navigate to “Configuration” and fill in the following fields:
Audience (EntityID): urn:auth0:prod-minware:onelogin-<orgname> (replacing
with your organization's "Org Handle" on your Org Profile settings page in minware)
These values will need to be sent to support@minware to complete the authentication process.
Select the Application you created above
Navigate to SSO
Save the following values (to view the x.509 certificate, you have to click “View Details”):
SAML 2.0 Endpoint (HTTP)
SLO Endpoint (HTTP)
X.509 Certificate
Finally, you will need to provide:
The email domain(s) that you would like to login with OneLogin - These users will be
redirected to OneLogin to login whenever the email domain matches.
Send an email to support@minware.com with these four items to complete your setup, and we will
reach out to discuss how you would like to provision your users.
Configuring Okta as SAML Identity Provider
Follow these instructions to configure Okta as an identity provider for minware:
Use the SAML App Wizard to create your SAML integration. When done, you'll be directed to the Sign On page for your newly-created app.
Click View Setup Instructions to complete the process.
Note the Identity Provider Single Sign-On URL, and download a copy of the X.509 certificate.
Send an email to support@minware.com with the following. We will then reach out to discuss how you would like to provision your users.
Sign In URL - The Identity Provider Single Sign-On URL you noted from the Okta setup
wizard
X509 Signing Certificate - Attach the certificate you downloaded from Okta.
Configuring Other Identity Providers (IdPs)
minware supports all identity providers that conform to the SAML 1.1. or SAML 2.0 protocol. Here we
have specific instructions for particular identity providers, and you can contact
support@minware.com for instructions if you use another identity provider. In general, you will need
to provide three pieces of information to configure a SAML IdP with minware:
Sign In URL - The URL where SAML authentication requests are sent. This is also called the
single sign-on (SSO) endpoint.
Sign Out URL - The URL where SAML logout requests are sent. This is also called the single
logout (SLO) endpoint.
X509 Signing Certificate - The public-key certificate required by the SP to validate the
signature of the authentication assertions that have been digitally signed by the IdP. We accept
the .pem and .cer formats.
Provisioning Users
Once you have configured your SAML identity provider with minware, users will automatically be
allowed to log into minware without you needing to send them invitations. Please contact us at
support@minware.com to discuss how you would like to provision users. In particular, we will need to
know how you would like to determine the user's role, team, and ticket system identity in minware
based on the metadata available from your identity provider.