OneLogin is a leading provider of Identity management solutions. Specifically you can use OneLogin to manage access to your Helpy instance with the SAML protocol.

1. Log into Helpy as an Administrator.
   
   
2. Click settings, and choose the “Authentication” settings menu item.
   
   
3. Select SAML SSO. You will see the following panel:

   [insert image]
   
   

4. There are two URLs you will need from here:
   
   The “Assertion Consumer Service URL” also known as the SSO URL. It will look like this:
   
   http://your_help_hostname/users/auth/saml/callback
   
   The Issuer (commonly known as the SP Entity ID)
   
   http://your_help_hostname/users/auth/saml/metadata
   
   
5. Log into onelogin as an Admin
   
   
6. Click the “Applications menu item” and then click on “Add App”.
   
   
7. Type ‘SAML’ into the search box and select “SAML Test Connector (Advanced).
   
   
8. Give App a name (Helpy or Helpdesk usually work fine).
   
   
9. Click on the “Configuration” item in the left nav.
   
   
10. Add the Assertion consumer service URL to the “ACS URL” and “ACS URL Validator” fields.
    
    
11. Click “Save” and then “parameters” on the left menu.
    
    
12. Add a parameter named “email” and check “include in SAML assertion”
    
    
13. Click “Save” and choose “Email” from the drop down. Click “Save”.
    
    
14. Add a parameter named “name” and check “include in SAML assertion”
    
    
15. Click “Save” and choose “Distinguished Name” from the drop down. Click “Save”.
    
    
16. Click “SSO” on the left menu. You will now copy and paste some information back into Helpy:
    
    Issuer URL should go to the IdP Entity field
    
    X.509 Certificate- click to view it and cut and past into Idp Cert (x.509)
    
    SAML 2.0 Endpoint should go to Idp SSO Target
    
    
17. Click “save” then toggle the switch to “Enable the SAML” option on the Helpy Login page. If you want to still enable login with SAML but not display the Login button, the enabled turn off.