Synchronisation between your portal and your company's Onelogin directory is performed by polling the Onelogin directory periodically for changes. Communication between Cyber Risk Aware and Onelogin is handled via the Onelogin API.


Onelogin API acts as a gateway to data held in your Onelogin directory. Applications can communicate using the API by providing API credentials that is generated by Onelogin.


The steps to integrate your portal with Onelogin are detailed below.


Before you run the sync, if you require additional domains to be added to your portal, please contact support and we will add those for you.

Configuration within Onelogin


Within your Onelogin administration portal, you will need to create API credentials that will act as a ID and Secret for Cyber Risk Aware to access the Onelogin API and query your Onelogin directory.


  • Log in to your Onelogin administration portal.
  • Once logged in, the Developers -> Api Credentials tab.
  • Click New Credential.


  • Add a name for the permissions
  • Select permission ReadAll 
  • Click save



  • Once created. Select the newly generated API credentials.
  • Make note of the Client ID and Secret.



Configuration within Cyber Risk Aware portal



  • Log in to your Cyber Risk Aware portal.
  • Select the menu item User Manager -> AD Sync Configuration.



  • In the next screen, select the tab Onelogin Sync.



  • To enable Onelogin synchronisation with the portal, select the checkbox Enable Onelogin Sync


This will result in the form appearing to provide your Onelogin API Credentials (Client ID and Secret) and attribute mapping details. All fields are explained below: 



Field        Description    Mandatory
Client IDThis is the Client ID that was generated in the steps above.Yes
Secret
This is the Secret generated in Onelogin.
First Name attribute mappingThis will be the attribute in your Onelogin directory that contains the users First Name. This will be the unique identifier in the portal.Yes
Last Name attribute mappingThis will be the attribute in your Onelogin directory that contains the users Last Name. This will be the unique identifier in the portal.Yes
Email attribute mappingThis will be the attribute in your Onelogin  directory that contains the users Email address. This will be the unique identifier in the portal.Yes
Department attribute mappingIf applicable, this will be the attribute in your Onelogin directory that contains the users Department.No
Country attribute mappingIf applicable, this will be the attribute in your Onelogin directory that contains the users Country.No
Locale attribute mappingIf applicable, this will be the attribute in your Onelogin  directory that contains the users locale (defaults to en-US).No
Office attribute mappingIf applicable, this will be the attribute in your Onelogin  directory that contains the users Office location.No
Mobile / Cellular phone attribute mappingIf applicable, this will be the attribute in your Onelogin  directory that contains the users mobile phone number.No
External Id attribute mappingIf applicable, this will be the attribute in your Onelogin  directory that contains the users External Id (such as HR ID).No
Business unit attribute mappingIf applicable, this will be the attribute in your Onelogin  directory that contains the users Business unit.No



Once you have provided this information, click Save.


After Saving, you can trigger the sync by clicking on the Trigger Sync Now button at the bottom of the screen.



The Sync processes is a background process and can take some time to complete depending on the user count. You can monitor progress by viewing the User import / sync progress tab.