Skip to content
Visit Access on GitHub
Set theme to dark (⇧+D)

OneLogin OIDC

OneLogin provides SSO identity management. Cloudflare Access supports OneLogin as an OIDC IdP.

Set up OneLogin OIDC as your IdP

To set up OneLogin as your IdP:

  1. Log in to your OneLogin admin portal.

  2. Select Apps > Custom Connectors.

    OneLogin OIDC

    The Custom Connectors card displays.

    OneLogin Custom Connectors

  3. Click New Connector.

  4. Name the connector.

    The connector name card displays. Our example uses access-oidc for the connector name.

    OneLogin OIDC Application Basic Configuration page

  5. In Sign-On Method, select the OpenID Connect option.

  6. In the Redirect URI field, enter your authentication domain and include this callback at the end of the path: /cdn-cgi/access/callback.

  7. Click Save.

  8. Select More Actions > Add App to Connector.

    OneLogin OIDC Application Basic Configuration page More Actions menu

  9. In the Portal section, enter a name for your application in the Display Name field.

    OneLogin OIDC Add Application Configuration page

  10. Click Save.

  11. Select the Access tab.

    OneLogin OIDC Add Application Access page

  12. Add the Roles that can access this application.

  13. Select the SSO tab.

    OneLogin OIDC Add Application SSO page

  14. Click Show client secret.

  15. Copy both the Client ID and Client Secret.

  16. In Cloudflare Access, scroll to Login Methods, click Add and select the OneLogin icon.

    The Add a OneLogin identity provider card displays.

    Cloudflare Access Add a OneLogin identity provider card

  17. Paste in your copied Client ID and Client secret.

  18. Click Save and then Test.

    On successful connection to your OneLogin IdP, a confirmation screen displays.

    Successful Connection

Example API Config

{    "config": {        "client_id": "<your client id>",        "client_secret": "<your client secret",        "onelogin_account": "",    },    "type": "onelogin",    "name": "my example idp"}