OneLogin OIDC
OneLogin provides SSO identity management. Cloudflare Access supports OneLogin as an OIDC identity provider.
Set up OneLogin as an OIDC provider
Log in to your OneLogin admin portal.
Go to Applications > Applications and select Add App.
Search for
OIDCand select OpenId Connect (OIDC) by OneLogin, Inc.In Display Name, enter any name for your application. Select Save.
Next, go to Configuration. In the Redirect URI field, enter the following URL:
https://<your-team-name>.cloudflareaccess.com/cdn-cgi/access/callbackYou can find your team name in Zero Trust under Settings > Custom Pages.
Select Save.
Go to Access and choose the Roles that can access this application. Select Save.
Go to SSO and select Show client secret.
Copy the Client ID and Client Secret.
In Zero Trust,, go to Settings > Authentication.
Under Login methods, select Add new.
Select OneLogin.
Fill in the following information:
- Name: Name your identity provider.
- App ID: Enter your OneLogin client ID.
- Client secret: Enter your OneLogin client secret.
- OneLogin account URL: Enter your OneLogin domain, for example
https://<your-domain>.onelogin.com.
(Optional) Under Optional configurations, enter custom OIDC claims that you wish to add to your Access application token.
Select Save.
To test that your connection is working, go to Authentication > Login methods and select Test next to OneLogin.
Example API Config
{ "config": { "client_id": "<your client id>", "client_secret": "<your client secret>", "onelogin_account": "https://mycompany.onelogin.com" }, "type": "onelogin", "name": "my example idp"
}