This article will walk you through how to configure braze to use onelogin for single sign-on.
OneLogin is a cloud identity platform that provides a comprehensive solution for managing user identities. OneLogin integrates with cloud and on-premise applications using SAML 2.0, for Single Sign-On (SSO), user provisioning, multi-factor authentication, and more.
Upon setup, you will be asked to provide a sign-on URL and an Assertion Consumer Service (ACS) URL.
|Braze Domain||You will need your Braze domain to set up Braze within OneLogin. If your instance is
For example, if your dashboard URL is
Service Provider (SP) initiated login within OneLogin
Step 1: Configure the Braze app
Log into OneLogin. Click on Administration.
Go to Apps > Add Apps in the top navigation bar. Search for “Braze” and select the Braze app.
Save the Braze app to your Company.
Once saved, go to Configuration and add your Braze Domain.
Copy the Certificate and SAML 2.0 Endpoint (HTTP) needed to set up the Braze dashboard from under the SSO tab.
Step 2: Configure OneLogin within Braze
Once you have set up Braze within your OneLogin, they will provide a Target URL (
SAML 2.0 Endpoint (HTTP)) and
x.509 certificate which you will input into your Braze account.
After your Account Manager has enabled SAML SSO for your account, go to Company Settings > Security Settings and toggle the SAML SSO section to ON.
On this page, you, input:
||This will appear as the button text on the login screen. This is typically your IdP name, like “OneLogin”.|
||This is the
Create and enable a Braze API key for IdP login (optional)
To enable IdP initiated login, you will first need to create an API Key in Developer Console > API Settings.
Input the generated API Key as the
RelayState parameter within OneLogin under Configuration, which will be used to identify which company the user is trying to log into.
If you want your Braze account users to only sign in with SAML SSO, you can restrict single sign-on authentication from the Company Settings page.