OneLogin SSO Integration

OneLogin, Inc. is a cloud-based identity and access management provider that provides unified access management platform to businesses and organizations. Testim integrates with OneLogin, allowing users of OneLogin to authenticate once in OneLogin and then access Testim without authenticating again.


SSO is a premium feature. Make sure the SSO feature is enabled for your deployment. If it is not, contact your Testim CSM.

To setup the Testim OneLogin integration:

  1. Login to your OneLogin account.
  2. Go to Administration > Applications.
  3. Click Add App.
  4. In the search field, enter 'SAML Test Connector'.
  5. Click the 'SAML Test Connector (advanced)' option.
  1. In the Configuration screen, edit the Display Name to a more friendly name, such as 'Testim SSO'.
  2. You can optionally change the connector's icon by uploading the Testim icon. Click here to download the Testim icon.
  3. Click Upload to upload it to the square or rectangular icon placeholder.
  4. You can optionally add a description that will help your users know more about Testim.
  5. Click Save.
    At this point the connector has been created. Now you need to connect it to Testim.
  6. In another tab open Testim Automate, and click the user icon, located in the top-right corner.
  1. In the drop-down menu, click Settings and click the SSO tab.
  2. Under Testim Service Provider Details, under Assertion Consumer Service URL, click the Copy button.
  1. Go back to the tab where you have OneLogin open and go to the Configuration of the connector app.
  2. Paste the copied Assertion Consumer Service URL into the ACS (Consumer) URL Validator field and into the ACS Consumer URL field.
  1. Go back to the Testim Automate tab and copy the Logout URL code.
  2. In the OneLogin tab, paste this code into the Single Logout URL field.
  3. Click Save.
  4. Still in the OneLogin tab, go to the Parameters screen.
  5. Click the + button to add a parameter.
  1. In Field name, enter 'email'.
  2. Select the Include in SAML assertion checkbox.
  3. Click Save. A Value drop-down menu appears.
  4. In the Value drop-down menu, select Email. This maps the email field in Testim to the Email field in OneLogin.
  1. Click Save again.
  2. Repeat steps 20 – 25 for the following field combinations:
  • firstName (mapped to First Name)
  • lastName (mapped to Last Name)
  • profilePicture (mapped to Profile Picture) – this is optional
  1. Still in OneLogin, go back to the Info screen and click the More Actions drop down menu.
  2. Click the download icon next to SAML Metadata and save the file to a local folder.
  1. Go back to the Testim tab, click the Upload File button and select the metadata.xml file that you have just saved.
  1. In the same screen, enable the Enable SSO toggle.
  1. To ensure all users are only able to login through OneLogin, and not through the regular Testim login page, select the Force users to login via idP checkbox.
  1. Go back to the OneLogin tab and associate the newly created Testim SSO connector application to the relevant Users, Groups, or Roles. In this example we will show how to add a User, but the same applies to Groups and Roles.
  2. Navigate to Users > Users.
  3. Click on the desired user record. The user's User Info screen is displayed.
  4. Go to Applications.
  5. Click the + button to add a new application.
  6. Select the newly created application (e.g. Testim SSO) from the drop-down menu and click Continue.
    A list of the properties is displayed. These are the fields that were mapped between Testim and OneLogin.
  7. Click Save.
    The newly created app is created and will appear in the OneLogin portal of the specified users/groups/roles. From now these user(s) will be able to login to Testim from OneLogin SSO.