With 1Password Business, you can automate many common administrative tasks using the 1Password SCIM bridge. It uses the System for Cross-domain Identity Management (SCIM) protocol to connect 1Password with OneLogin, so you can:
- Create Users. Users created in OneLogin will also be created in 1Password.
- Update User Attributes. Changing a user’s name in OneLogin will change their name in 1Password.
- Deactivate Users. Deactivating a user or disabling the user’s access to 1Password in OneLogin will suspend the user in 1Password.
- Push Groups. Roles created in OneLogin can be used as groups in 1Password. Role membership changes in OneLogin will also be made in 1Password groups.
Before you can configure OneLogin, you’ll need to set up and deploy the SCIM bridge.
To get started, sign in to your account on OneLogin.com , click Administration in the top right, and follow these steps.
Add the 1Password Business application to OneLogin
To add the 1Password Business application to OneLogin:
- Click Applications, then click Add App.
- Search for 1Password Business and click it. You’ll see the Portal settings for the integration, including the default application label “1Password Business”.
- Click Save.
You’ll see the settings for the application you just created.
Configure the application
On the 1Password Business application settings page, click Configuration. Then follow these steps.
Set up API connection
Enter your Base URL and API Token.
SCIM Base URL: the URL of the TLS-secured API gateway, proxy, or load balancer where you’ve configured the 1Password SCIM bridge. Use https and don’t include a slash at the end.
SCIM Bearer Token: your OAuth bearer token
Click Enable, then Save.
Get help if you don’t have your bearer token.
Confirm that your base URL uses https and does not include a slash at the end. For example:
Set up provisioning to 1Password
- Click Provisioning in the sidebar.
- Turn on “Enable provisioning” and review the other settings.
- Click Save.
OneLogin roles can be pushed to 1Password as groups. To push roles and their memberships to 1Password when assigned:
- Click Rules in the sidebar.
- Click Add Rule.
- Enter a name, like “Map Roles to Groups”.
- Configure the Action:
Set Groups in 1Password Business
Map from OneLogin
- For each
- with value that matches
- Click Save.
- Click Parameters in the sidebar.
- Click Groups.
- Turn on Include in User Provisioning and click Save.
- Click Save again on the application settings page.
Learn more on the OneLogin Help Center.
If you have existing groups in 1Password that you want to sync with OneLogin, add them to the groups managed by provisioning. Click View Details in the setup assistant or click Integrations in the sidebar and choose Manage. Click Manage in the Managed Groups section, then select the groups to sync.
If you’ve previously used the SCIM bridge, make sure to select any groups that were already synced with OneLogin. This will prevent problems syncing with your identity provider, including duplicate groups.