Contact Us
|
+44 01737 647882
|
Log In
Human Focus Logo
|
|
Product has been added to your basket.
Fully Accredited Courses
24/7 Online Training
Discounts on Bulk Buying
Desktop, Tablet & Mobile

Single Sign ON (SSO) Set-up for OneLogin

Please follow the below steps to configure SAML 2.0-based Single Sign-On (SSO) between OneLogin and the Human Focus e-Learning system.

This guide walks your OneLogin Administrator through creating a custom SAML 2.0 application connector, configuring parameters, and assigning users or roles. Once complete, send the Identity Provider details to Human Focus and our team will activate SSO for your account. For assistance contact support@humanfocus.co.uk.

1. Sign in to OneLogin Administration and go to Applications

Sign in to your OneLogin Administration portal at your-subdomain.onelogin.com using your Administrator account. In the top navigation bar, click Applications, then select Applications from the dropdown menu.

1 OneLogin Dashboard Applications Users Security Reports A Admin Applications App Catalog Connectors Applications Manage SAML and other SSO applications for your organisation + Add App Search applications... NAME CONNECTOR USERS STATUS ACTIONS S Salesforce SAML 2.0 Salesforce (SAML) 142 Active G Google Workspace SAML 2.0 Google Workspace (SAML) 98 Active → Click "+ Add App" above to begin adding the Human Focus SAML application

2. Search for “SAML Custom Connector” and select it

In the Find Applications search box, type SAML Custom Connector. From the results, click SAML Custom Connector (Advanced). This gives you full control over all SAML parameters required for Human Focus.

1 OneLogin Find Applications Search the OneLogin catalogue or create a custom SAML connector SAML Custom Connector SEARCH RESULTS S SAML Custom Connector (Advanced) Full SAML 2.0 control. Use for custom integrations. Select this app → S SAML Custom Connector (Basic) Limited SAML configuration. S SAML Test Connector (IdP) For testing IdP-initiated flows. → Select "SAML Custom Connector (Advanced)" — this provides the full parameter set required for Human Focus Do not use the Basic connector as it does not expose all required fields

3. Name your application and click Save

You will be taken to the application’s Info tab. In the Display Name field, enter a recognisable name — for example “Human Focus e-Learning”. Optionally add a description and upload a logo. Click Save to create the application before configuring SAML settings.

1 OneLogin HF Human Focus e-Learning SAML Custom Connector (Advanced) · New application Save Info Configuration Parameters Rules SSO Access Privileges Display Name * Human Focus e-Learning Description (optional) Human Focus e-Learning SAML SSO App icon (optional) Upload

4. Go to the Configuration tab and enter the SAML SP details

Click the Configuration tab. Enter the following Human Focus Service Provider values in the fields shown. Leave the RelayState field completely empty — do not enter any value here.

Audience (EntityID)
https://www.humanfocus.org.uk/
ACS (Consumer) URL Validator
https:\/\/www\.humanfocus\.org\.uk\/CBTbyB\/SAML\/AssertionConsumerService\.aspx
ACS (Consumer) URL
https://www.humanfocus.org.uk/CBTbyB/SAML/AssertionConsumerService.aspx
RelayState
(leave blank — do not enter any value)
Important — RelayState must be empty: Leave the RelayState field blank. Entering a value here will cause login redirects to fail. Do not populate this field.
1 OneLogin HF Human Focus e-Learning SAML Custom Connector (Advanced) Save Info Configuration Parameters Rules SSO Access Application details Audience (EntityID) https://www.humanfocus.org.uk/ ACS (Consumer) URL Validator (regex) ^https:\/\/www\.humanfocus\.org\.uk\/CBTbyB\/SAML\/AssertionConsumerService\.aspx$ ACS (Consumer) URL https://www.humanfocus.org.uk/CBTbyB/SAML/AssertionConsumerService.aspx RelayState (empty — do not enter any value) ⚠ Must remain blank Single Logout URL (optional) (leave blank)

5. Set SAML Signature and Name ID format on the Configuration tab

Click the Parameters tab. Click the + button to add each of the following parameters. These allow Human Focus to receive the correct user identity details upon sign-in. For each parameter, set the flag “Include in SAML assertion” to on.

1 OneLogin Human Focus e-Learning Configuration tab (continued) Save SAML Initiator SAML Initiator Service Provider Sign SLO Response No SAML nameID format Email Encrypt SAML Assertion No ⬆ Set this to "Email" SAML Signature Algorithm SHA-256 Click Save after confirming these settings before moving to the Parameters tab.

6. Go to the Parameters tab and add user attribute mappings

On the Attribute mapping screen, click Add mapping and configure the attributes below. These allow Human Focus to receive the correct user identity and assign the appropriate role upon sign-in.

Field name (Human Focus attribute) Value (OneLogin field) Include in SAML assertion
first_name First Name ✓ Yes
last_name Last Name ✓ Yes
email Email ✓ Yes
roles Department (or a custom attribute) ✓ Yes
Role Mapping: If you want to enable Role Mapping within Human Focus to automatically assign learner or manager permissions, ensure the roles attribute is populated consistently across your OneLogin user profiles. Please contact Human Focus to confirm the expected role values.
1 OneLogin Human Focus e-Learning Save Info Configuration Parameters Rules SSO Application parameters + Add parameter FIELD NAME VALUE INCLUDE IN SAML ACTIONS NameID (default) Email first_name First Name ✓ Yes Edit · Delete last_name Last Name ✓ Yes Edit · Delete email Email ✓ Yes Edit · Delete roles Department ✓ Yes Edit · Delete

7. Go to the Access tab and assign users or roles

Click the SSO tab. This page displays the Identity Provider details you need to send to Human Focus. You will find the SAML 2.0 Endpoint (HTTP), SLO Endpoint (HTTP), and X.509 Certificate. You can also click View Details to see the full certificate, or click Download to save it.

1 OneLogin Human Focus e-Learning Save Info Configuration Parameters Rules SSO Access Policy & Role access Allow users to log in to this app ON Roles Select roles that should have access to Human Focus e-Learning Default × Training Dept × + Add role Users Individual users assigned to this app will also have access regardless of role. Search users to assign...

8. Go to the SSO tab and collect the Identity Provider details

Under the Google Identity Provider details section (accessible from the left-hand settings panel of your new SAML app), you will find the Login URL, Entity ID, and Certificate. This data needs to be sent to Human Focus.

1 OneLogin Human Focus e-Learning Save Info Configuration Parameters Rules SSO Access Identity Provider details Send the values below to Human Focus at support@humanfocus.co.uk to complete the SSO configuration. SAML 2.0 Endpoint (HTTP) https://your-subdomain.onelogin.com/trust/saml2/http-post/sso/000000 Copy SLO Endpoint (HTTP) https://your-subdomain.onelogin.com/trust/saml2/http-redirect/slo/000000 Copy Issuer URL https://app.onelogin.com/saml/metadata/000000 Copy X.509 Certificate MIIDdzCCAl+gAwIBAgIGAXrqCFvWMA0GCSqGSIb3DQE... View Details ⬇ Download

Email the following to support@humanfocus.co.uk referencing your account name:

SAML 2.0 Endpoint (HTTP) — IdP SSO URL
https://your-subdomain.onelogin.com/trust/saml2/http-post/sso/{app-id}
Issuer URL — IdP Entity ID
https://app.onelogin.com/saml/metadata/{app-id}

Also download and attach the X.509 Certificate file. Our team will typically activate SSO within 1–2 business days of receiving your details.

Note:
Note: The endpoint URLs and Issuer URL are unique to your OneLogin subdomain and application. Copy them directly from the SSO tab — do not use the example values shown here.