Passport Configuration with OneLogin

Create an OpenID Connect (OIDC) application in OneLogin for use in configuring Passport.

  1. In your OneLogin admin console, navigate to the Applications page and click Add App.

    Passport-OneLogin-01@2x-2

  2. Search for OIDC in the App Catalog and click OpenId Connect (OIDC).

    Passport-OneLogin-02@2x

  3. Provide a Display Name for the OIDC app. Disable Visible in portal. (The app does not need to be visible for Passport to work.) Click Save.

    Passport-OneLogin-03@2x-1

  4. Click Configuration and enter http://localhost in the Redirect URIs field. This is not required for Passport to work, but it is required to save the app configuration.

    Passport-OneLogin-04@2x-1

  5. Click SSO and select Native under Application Type and None (PKCE) under Token Endpoint. Click Save.

    Passport-OneLogin-05@2x-2

  6. Note the Client ID (application ID), Client Secret, and Issuer URL (identity provider URL). You will need these details when configuring the Passport library item.

    NOTE: The Issuer URL for OneLogin is https://<subdomain>.onelogin.com/oidc/2/.well-known/openid-configuration

    Passport-OneLogin-06@2x

With the OneLogin configuration complete, assign the app to the users who will be using Passport to sign in to their Mac systems, and go to the Kandji web app to configure the Passport library item.