• Introduction
• Prerequisites
• Add the Youverse SSO Integration
• Enroll users
• Troubleshooting

OneLogin

Achieve a truly frictionless login experience with Youverse Single Sign-On (SSO). To login with Youverse, you need a username and a selfie, and that’s it! No more passwords to worry about.

This guide details the required steps to setup Youverse as a trusted identity provider in OneLogin.

With this integration you can easily add a passwordless login option for all your OneLogin enabled apps using Youverse SSO.

Prerequisites

1. An OneLogin developer account. Sign up here.
2. Register your app with Youverse:
   1. Find your OneLogin subdomain name.
   2. Send an e-mail to support@youverse.id requesting a SSO service account and provide your app name and OneLogin subdomain. You will receive a unique identifier for the registered app and also a secret (Client ID and Client Secret). Make note of these values, you will need them later.

Add the Youverse SSO Integration

To integrate Youverse SSO with OneLogin, follow the steps below.

1. From your OneLogin admin dashboard click on Authentication > Trusted IdPs.
2. Click on the New Trust button.
3. Provide a name for this Trusted IdP configuration (e.g. "Youverse").
4. Select OIDC in the Protocol Type section (near the bottom of the webpage).
5. Check the Enable Trusted IDP and Show in Login panel boxes.
6. Set the Login icon URL to: https://yk-website-images.s3.eu-west-1.amazonaws.com/logo.png.
7. In the Issuer field enter: https://accounts.youverse.id.
8. Check the Sign users into OneLogin and Sign users into additional applications boxes.
9. Set the User Attribute Value to {tidp.email}.
10. Select Email in User Attribute Mapping.
11. Fill out the following fields on the OIDC Configurations section:
    • Authentication Endpoint - https://accounts.youverse.id/oauth/authorize.
    • Token Endpoint Auth. Method - POST.
    • Token endpoint - https://accounts.youverse.id/oauth/token.
    • User Information endpoint - https://accounts.youverse.id/oauth/userinfo.
    • Scopes - Enter “openid profile email”.
    • Client Id - Client ID received from Youverse.
    • Client Secret - Insert the Client Secret received from Youverse.
12. Click Save and it is done!.

Additional configuration options are described here.

Enroll users

Users can enroll with Youverse by signing up here using the same e-mail address as in their OneLogin account. This way, we can link both Youverse and OneLogin accounts with the user e-mail.

After the e-mail is confirmed, it will be available through the OIDC email claim.

Troubleshooting

If you find any issues or need help with the setup please contact us or join us at our discord community.