# OneLogin Verkada supports Security Assertion Markup Language (SAML) authentication using OneLogin as your Identity Provider (IdP). | Feature | Supported | | ----------------- | :-------: | | OIDC SSO | — | | SAML SSO | Yes | | SCIM Provisioning | — | | ECE Support | — | *** ## Configure Verkada SSO with OneLogin {% hint style="warning" %} Before you can enable OneLogin SAML, you **must** [generate your client ID](/command/security/identity-providers.md#generate-client-id). {% endhint %} {% stepper %} {% step %} **Launch OneLogin and on the menu bar, select Applications > Add App.**

{% endstep %} {% step %} **Search for SAML Custom Connector (Advanced).**

{% endstep %} {% step %} **Choose a Display Name and click Save.**

{% endstep %} {% step %} **Go to Applications > SAML Custom Connector (Advanced), select Configuration, and use these values to copy and paste, where you replace `CLIENT-ID` with the client ID generated earlier.** a. For **Audience (EntityID)** and **Recipient**: * For US orgs: * For EU orgs: [https://saml.prod2.verkada.com/saml/sso/](https://saml.prod2.verkada.com/saml/sso/%3CclientID%3E) * For AUS orgs: e. **Required**. For **ACS (Consumer) URL Validator**: * For US orgs: [https://vauth.command.verkada.com/saml/sso/](https://vauth.command.verkada.com/saml/sso/%3CclientID%3E) * For EU orgs: [https://saml.prod2.verkada.com/saml/sso/](https://saml.prod2.verkada.com/saml/sso/%3CclientID%3E) * For AUS orgs: i. **Required**. For **ACS (Consumer) URL**: * For US orgs: [https://vauth.command.verkada.com/saml/sso/](https://vauth.command.verkada.com/saml/sso/%3CclientID%3E) * For EU orgs: [https://saml.prod2.verkada.com/saml/sso/](https://saml.prod2.verkada.com/saml/sso/%3CclientID%3E) * For AUS orgs: m. For **SAML signature element**, click the dropdown and select **Both**. {% hint style="warning" %} To confirm which region you're located, [refer to where your organization was created for Verkada](/command/getting-started/get-started-with-verkada-command.md). {% endhint %} {% endstep %} {% step %} **On Applications > SAML Custom Connector (Advanced), select Parameters.** {% endstep %} {% step %} **Click the plus (+) icon, configure the parameters:** a. For **Name**, enter the first and last name.\ b. Click the **Value** dropdown and select **Email** > **First Name**.\ c. Under **Flags**, check **Include in SAML assertion**, and click **Save**. {% endstep %} {% step %} **Click the plus (+) icon and in the next open dialog, select Configured by admin.** Your parameters should look like this:

{% endstep %} {% step %} **Return to Applications > SAML Custom Connector (Advanced) and select SSO.** {% endstep %} {% step %} **Click the More Actions drop-down and select SAML Metadata to download the metadata.**

{% endstep %} {% step %} **Required. To complete the setup process, you must** [**upload the metadata to Command**](/command/security/identity-providers.md#upload-saml-xml-metadata)**.** {% endstep %} {% step %} **Log in with the SAML Login URL.** {% endstep %} {% endstepper %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.verkada.com/command/security/identity-providers/onelogin.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.