Help

Jamf Connect + Onelogin: Unable to load Identity Provider

Go to solution
Flaurian
Contributor

Posted on ‎02-22-2022 11:15 PM

Hello :) 

because I'm still struggling with Jamf Connect for testing Onelogin. I'm using the latest version of Jamf Configurator (2.9.0) Please note, for my test instance, I didn't configure MFA for Onelogin. 

I don't know if it's the OIDCTenant or something else why it's not working but I tested already these things for OIDCTenant. 

Error message from Jamf Configurator: " Unable to load Identity Provider "

Error message from Onelogin: "OIDC authorization code for Jamf Connect FAILED" 

 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CreateJamfConnectPassword</key>
<true/>
<key>OIDCClientID</key>
<string>Onelogin-Client-ID</string>
<key>OIDCClientSecret</key>
<string>Secret</string>
<key>OIDCDiscoveryURL</key>
<string>https://<mycompanyname>.onelogin.com/oidc/2/.well-known/openid-configuration</string>
<key>OIDCIgnoreCookies</key>
<false/>
<key>OIDCProvider</key>
<string>OneLogin</string>
<key>OIDCROPGID</key>
<string>Onelogin-Client-ID</string>
<key>OIDCRedirectURI</key>
<string>https://127.0.0.1/jamfconnect</string>
<key>OIDCTenant</key>
<string>Onelogin-Client-ID</string>
</dict>
</plist>

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Flaurian
Contributor
In response to YanW

Posted on ‎02-24-2022 06:11 AM

Thanks, @YanW I solved it finally with the Jamf Support team. It looks like for me, they missed keeping the Onelogin documentation up2date. 

In case, u configured OneLogin as an OIDC connection u have to change the authentication method to "POST" not to "none". Afterward, I got tokens and I configured also ROPG / Discovery URL / Secret 

View solution in original post

6 REPLIES 6

Go to solution
YanW
Contributor III

Posted on ‎02-23-2022 08:16 AM

We put MFA even it's not configured. We tried 1 thing at a time, using the most basic configuration, at the end, we removed the DiscoveryURL and Secret. 

	<key>ROPGSuccessCodes</key>
	<array>
		<string>MFA</string>
	</array>

  

Go to solution
Flaurian
Contributor
In response to YanW

Posted on ‎02-24-2022 12:21 AM

Thanks for ur answer but if I remove "DiscoveryURL and Secret" I'm unable to SignIn to OneLogin. I already tested it to add "MFA" as ROPGSuccessCodes but no chance - same result. 

 

0 Kudos

Go to solution
YanW
Contributor III
In response to Flaurian

Posted on ‎02-24-2022 05:09 AM

What was your OIDC test result in the Jamf Connect Configuration? We use the most basic setup. 

Screen Shot 2022-02-24 at 7.54.16 AM.png

jamf connect.jpg

 

Go to solution
Flaurian
Contributor
In response to YanW

Posted on ‎02-24-2022 06:11 AM

Thanks, @YanW I solved it finally with the Jamf Support team. It looks like for me, they missed keeping the Onelogin documentation up2date. 

In case, u configured OneLogin as an OIDC connection u have to change the authentication method to "POST" not to "none". Afterward, I got tokens and I configured also ROPG / Discovery URL / Secret 

Go to solution
jbresee
New Contributor III
In response to Flaurian

Posted on ‎03-09-2022 12:12 PM

Thanks for posting this! 

It helped me fix my configuration. I was getting an error with JAMF connect that was corrected by switching from NONE to POST on the onelogin side.

You rock!!

0 Kudos

Go to solution
Prabhu
New Contributor

Posted on ‎10-09-2023 08:05 AM

Hello Everyone, 

When we signed into Jamf Connect menubar we're getting MFA error, does anyone have a idea about this error. 

Attached the screenshot for reference. 

Screenshot 2023-10-05 at 6.42.33 PM.png

0 Kudos