Documentation Index
Fetch the complete documentation index at: https://conductorone-docs-ad-account-provisioning-setup.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Before you begin
To complete this guide, you’ll need:- C1 Super Administrator or Connector Administrator role
- A OneLogin account
Step 1: Integrate your OneLogin instance
Start by integrating your OneLogin instance with C1. Use the OneLogin connector to sync OneLogin to C1. Once connected, C1 ingests all of the users, apps, groups, and other entitlements and resources from OneLogin.Step 2: Convert an OneLogin app to a managed app
Before managing access to an OneLogin app, you’ll need to begin managing it with C1.
Once an application is managed, you can enforce access controls, run user access reviews, and drive lifecycle management for the app.
Step 3: Configure the app entitlements (optional)
Every managed application in C1 comes with a Credential resource. This “access entitlement” is used to manage account level access to application. In OneLogin, at a minimum, this means that the user is assigned to the OneLogin app. Additionally, applications configured in OneLogin may use groups to SCIM roles and permissions to the connected application. C1 can easily convert these linked entitlements into resources and entitlements in your C1 instance. If groups are assigned to the application in OneLogin, you can convert these linked entitlements from OneLogin into in-app entitlements in the C1 app:Click Entitlements, then click the Linked entitlements icon at the top right corner of the entitlements table (the icon looks like a Venn diagram).
For each IdP entitlement C1 has identified as linked to the app, choose an action:
- Create virtual role: Set up a new role in the app that will be linked to the IdP entitlement. This role will only exist in C1, and will function as an alias for the IdP entitlement. Your colleagues can request and review the role, which will appear as part of the app, but they will in actuality be requesting or reviewing the IdP entitlement.
- Provision access for: Link the IdP entitlement to an existing entitlement in the app. When your colleagues request or review the app entitlement, they will also be requesting or reviewing the IdP entitlement.
- Skip: Do nothing.
Step 4: Configure the app and entitlements for self service
Now we’ll configure the application and any entitlements we created in Step 3 so they’re ready for self-service requests.If you want to make the roles or other entitlements you created in Step 3 requestable, select those resource types.
In the Access profiles field, search for and select an access profile. For example, select Everyone to make the entitlements requestable by all users.
Step 5: Request your OneLogin app and entitlements
Now we’re ready it give it a whirl!Find the application you just created.If you’ve made the application requestable, you’ll see a Request button on the app. If you’ve made individual entitlements requestable, you’ll see those on the app.