OneLogin (OpenID On-Prem)

Sysdig On-Prem supports Single Sign-On with OpenID Connect via OneLogin.

Review OpenID Connect (On-Prem) before you begin.

The notes below describe minimal steps to be taken in OneLogin. You may need to adjust the steps based on the specifics of your environment.

  1. Login to your OneLogin organization as a user with administrative privileges and click to Apps > Custom Connectors, then click the New Connector button.

  2. Create a new Connector

    • Enter your choice of connector name

    • Select a Sign on Method of OpenID Connect

    • For Redirect URI to, enter one of the following values, replacing HOSTNAME with the hostname through which your users access the Sysdig application(s) and PORT with the TCP port # (typically 443):

      If configuring Sysdig Monitor, enter: https://HOSTNAME:PORT/api/oauth/openid/auth

      If configuring Sysdig Secure, enter: https://HOSTNAME:PORT/api/oauth/openid/secureAuth

    • Click the Save button

  3. From the More Actions pull-down menu, select Add App to Connector.

  4. Click Save to add the app to your catalog. Once clicked, additional tabs will appear.

  5. Click to the SSO tab. Change the setting in the Token Endpoint drop-down to POST, then click Save.

  6. While still on the SSO tab, take note of the Client ID and Client Secret that are shown (click Show client secret to reveal it), as you will need them to complete the configuration in the Sysdig platform.

  7. Note that the Issuer URL you will need to complete the Sysdig platform configuration will consist of https://YOUR-ONELOGIN-DOMAIN.onelogin.com/oidc

  8. Return to the bottom section of the OpenID Connect (On-Prem) article for instructions on using the helper script to complete the configuration in the Sysdig platform.