This article will walk you through how to configure Braze to use OneLogin for single sign-on.
OneLogin is a cloud identity platform that provides a comprehensive solution for managing user identities. OneLogin integrates with cloud and on-premise applications using SAML 2.0, for Single Sign-On (SSO), user provisioning, multi-factor authentication, and more.
Upon setup, you will be asked to provide a sign-on URL and an Assertion Consumer Service (ACS) URL.
|Braze Domain||You will need your Braze domain to set up Braze within OneLogin. If your instance is
For example, if your dashboard URL is
|RelayState API key||To enable IdP login, create an API key in the Developer Console under API Settings with
Idp-initiated login within OneLogin
Step 1: Configure the Braze app
- Log into OneLogin. Click on Administration.
- Go to Apps > Add Apps in the top navigation bar. Search for “Braze” and select the Braze app.
- Save the Braze app to your Company.
- Once saved, go to Configuration and add your Braze Domain and RelayState API key.
- Braze expects the SAML assertions in a specific format. Under Parameters the attributes supported by Braze should be pre-populated. Verify that they are correct.
- Copy the Certificate and SAML 2.0 Endpoint (HTTP) needed to set up the Braze dashboard from under the SSO tab.
Step 2: Configure OneLogin within Braze
Once you have set up Braze within your OneLogin, they will provide a Target URL (
SAML 2.0 Endpoint (HTTP)) and
x.509 certificate which you will input into your Braze account.
After your account manager has enabled SAML SSO for your account, go to Company Settings > Security Settings and toggle the SAML SSO section to ON.
On this page, input the following:
||This will appear as the button text on the login screen. This is typically your IdP name, like “OneLogin”.|
||This is the
If you want your Braze account users to only sign in with SAML SSO, you can restrict single sign-on authentication from the Company Settings page.