Creating the Talend Cloud application in OneLogin - Cloud

Talend Cloud Single Sign-On (SSO) Configuration Guide
Version
Cloud
Language
English
Product
Talend Cloud
Module
Talend Management Console
Content
Administration and Monitoring > Managing users
Last publication date
2024-03-05

Procedure

  1. Log in to your administrator OneLogin account.
  2. In the top menu, click Applications, then click Add Apps.
  3. Start typing saml in the search field, then select SAML Test Connector (IdP w/ attr w/ sign response) in the list of results.
  4. Change the application name if needed, then click Save.
    You are redirected to the home page.
  5. In the top menu, click Applications.
  6. Click the newly created app in the list.
  7. On the application page, go to the Configuration tab.
  8. Enter the configuration details.
    Enter the URL to the Audience, the Recipient, the ACS (Consumer) URL Validator, and the ACS (Consumer) URL fields, depending on where your Talend Cloud account is hosted. This URL should read like https://iam.<env>.cloud.talend.com/oidc/ssologin, where <env> is the name of your Cloud region, for example: For further information about the available regions, see the Single sign-on configuration URL row of each region at Talend Cloud regions and URLs.

    It is recommended to keep the RelayState field empty, because this field indicates the destination to which your connection is redirected when the login flow is successfully done.

    When setting up SSO for multiple accounts (multiple tenants) on Talend Management Console, use their account IDs to define the unique entity ID of each account. For example, the entity ID for the AWS US region becomes https://iam.us.cloud.talend.com/oidc/ssologin/<your_account_ID>. Remember to perform the SSO setup individually for each tenant using their respective account IDs. This federates these tenants into a single SSO authentication system.
    Note: The account federation mentioned is exclusive to SSO authentication. The Talend Management Console objects, such as environments and workspaces, remain specific to each tenant and cannot be shared across tenancies.

    You can find the account ID on the Subscription page of your Talend Management Console.

    Example

    In this example, the Audience, Recipient, ACS URL Validator and ACS URL fields are all set to https://iam.us.cloud.talend.com/oidc/ssologin.
  9. Click Save.