SSO: Configuring OneLogin for use with Kisi

SSO requires a Kisi Organization license. Please contact Kisi Support to learn more and upgrade your account.

Kisi supports SSO (Single Sign-On) with OneLogin as a way of authentication for your Organization. Below are the steps to our self-service SSO configuration.

Setting up SSO with OneLogin

To set up SSO, you must be the Kisi Organization Owner. For additional guidance on SSO setup, please refer to our Kisi API documentation.

1. Sign in to OneLogin
2. At the top, select Applications and then click on Add App
   
3. Search for Kisi and click on the app
   
4. Click Save to create the application
   
5. Once saved, please navigate to Configuration and enter your Kisi Domain. Every Organization in Kisi has a domain. It's an alphanumeric string that can also contain "-" character used to uniquely identify your organizations and required during signing in. If you do not remember your Kisi Domain, you can use Find My Organizations feature.
   
6. Navigate to SSO and copy the Issuer URL
   
   
7. Click Save

In Kisi:

1. Sign in to your Kisi Organization account
2. Under Setup, click on SSO & SCIM and paste the Metadata URL (Issuer URL copied above)
   
   
3. Click Save
4. Under Step 3, click on Generate Certificate

Now that you have generated the encryption certificate, go back to OneLogin and follow the steps below to complete the configuration.

1. Paste the contents of the encryption certificate you downloaded from the Kisi dashboard in the Public key section, under Configurations > SAML Encryption
   
   
2. Click Save
3. Assign users to the created Kisi application