Aircall Help Center | Configuring OneLogin for SAML Authentication

Configuring OneLogin for SAML Authentication

This guide explains how to set up SAML Single Sign-On (SSO) for Aircall using OneLogin.

Important: These instructions apply only to companies that have had SAML Single Sign-On activated by Aircall. To request activation, please contact your Account Manager. This functionality is currently available to a limited number of customers.

Note: IDP-initiated SAML sign-in is not supported. Once SAML is configured, users must log in through the Aircall Dashboard or app login page using the Sign in with SSO option.

1. Create a SAML app integration

Follow these steps to create a SAML app in OneLogin:

From the OneLogin portal, select Administration.
At the top of the Administration page, click Applications, then choose Add app.
In the Find Applications search bar, enter saml, and select SAML Test Connector (IdP).
(Optional) On the Add SAML Test Connector (IdP) page, customize your app:
- Display Name: Enter a name and description, such as acme-saml@aircall.
- Rectangular Icon and Square Icon: Upload icons as per the specifications on the page.
- Description: Add a short summary, for example For Aircall.
Click Save.

2. Configure SAML integration for your OneLogin app

In your newly created app, go to the Configuration tab.
Complete the following fields:
- RelayState: https://dashboard.aircall.io
- Audience: urn:amazon:cognito:sp:us-west-2_hZkGBmIsz
- Recipient: https://sso.aircall.io/saml2/idpresponse
- ACS (Consumer) URL Validator: https://sso.aircall.io/saml2/idpresponse
- ACS (Consumer) URL: https://sso.aircall.io/saml2/idpresponse
- Single Logout URL: Leave blank.
Click Save.

Next, configure parameters for your app:

Note: You will already see one default parameter (NameID (fka Email)); this is expected.

Click Parameters.
Click Add parameter to create a new custom field.
In the New Field dialog:
- Field name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier
- Flags: Select Include in SAML assertion.
Click Save.
For Value, select Email from the dropdown list.
Click Save again.

3. Assign people to your OneLogin app

To enable SAML authentication for Aircall users:

Click Users.
Search for users or select Roles/Groups.
Click Save to assign the app to individuals or groups.

4. Export the metadata

Click SSO in the OneLogin app.
Under Issuer URL, copy the URL to your clipboard.
Use this URL as your metadata when finalizing the setup with Aircall.

For additional details about SAML, please refer to the OneLogin SAML documentation or contact our Customer Success team.

Configuring OneLogin for SAML Authentication

This guide explains how to set up SAML Single Sign-On (SSO) for Aircall using OneLogin.

Important: These instructions apply only to companies that have had SAML Single Sign-On activated by Aircall. To request activation, please contact your Account Manager. This functionality is currently available to a limited number of customers.

Note: IDP-initiated SAML sign-in is not supported. Once SAML is configured, users must log in through the Aircall Dashboard or app login page using the Sign in with SSO option.

1. Create a SAML app integration

Follow these steps to create a SAML app in OneLogin:

From the OneLogin portal, select Administration.
At the top of the Administration page, click Applications, then choose Add app.
In the Find Applications search bar, enter saml, and select SAML Test Connector (IdP).
(Optional) On the Add SAML Test Connector (IdP) page, customize your app:
- Display Name: Enter a name and description, such as acme-saml@aircall.
- Rectangular Icon and Square Icon: Upload icons as per the specifications on the page.
- Description: Add a short summary, for example For Aircall.
Click Save.

2. Configure SAML integration for your OneLogin app

In your newly created app, go to the Configuration tab.
Complete the following fields:
- RelayState: https://dashboard.aircall.io
- Audience: urn:amazon:cognito:sp:us-west-2_hZkGBmIsz
- Recipient: https://sso.aircall.io/saml2/idpresponse
- ACS (Consumer) URL Validator: https://sso.aircall.io/saml2/idpresponse
- ACS (Consumer) URL: https://sso.aircall.io/saml2/idpresponse
- Single Logout URL: Leave blank.
Click Save.

Next, configure parameters for your app:

Note: You will already see one default parameter (NameID (fka Email)); this is expected.

Click Parameters.
Click Add parameter to create a new custom field.
In the New Field dialog:
- Field name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier
- Flags: Select Include in SAML assertion.
Click Save.
For Value, select Email from the dropdown list.
Click Save again.

3. Assign people to your OneLogin app

To enable SAML authentication for Aircall users:

Click Users.
Search for users or select Roles/Groups.
Click Save to assign the app to individuals or groups.

4. Export the metadata

Click SSO in the OneLogin app.
Under Issuer URL, copy the URL to your clipboard.
Use this URL as your metadata when finalizing the setup with Aircall.

For additional details about SAML, please refer to the OneLogin SAML documentation or contact our Customer Success team.