OneLogin
Visualize OneLogin users, groups, roles, devices, apps, and services, map OneLogin users to employees, and monitor changes through alerts and queries.
- Installation
- Data Model
Installation
For this integration, you will need to create an API Client ID and Client Secret on OneLogin with the Read All scope as an administrator. See their documentation for more information.
Configuration in JupiterOne
To install the OneLogin integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select OneLogin. Click New Instance to begin configuring your integration.
Creating a configuration requires the following:
The Account Name used to identify the OneLogin account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen theAccountNametoggle is enabled.Description to assist in identifying the integration instance, if desired.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration.Your OneLogin API Client ID, API Client Secret, and your Organization Domain (format:
<yourdomain>.onelogin.com).
Click Create once all values are provided to finalize the integration.
Troubleshooting
This integration's authentication is achieved by fetching an OAuth token from OneLogin. You can reproduce this authentication strategy by running the following curl, replacing <CLIENT_ID> and <CLIENT_SECRET> with your own. <API_HOSTNAME> defaults to https://api.us.onelogin.com:
curl --request POST \
--url <API_HOSTNAME> \
--header 'authorization: client_id:<CLIENT_ID>, client_secret:<CLIENT_SECRET>' \
--header 'content-type: application/json' \
--data '{
"grant_type":"client_credentials"
}'
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| Onelogin Account | onelogin_account | Account |
| Onelogin Application | onelogin_application | Application |
| Onelogin Application Rule | onelogin_application_rule | Configuration |
| Onelogin Group | onelogin_group | UserGroup |
| Onelogin Personal Application | onelogin_personal_application | Application |
| Onelogin Personal Device | mfa_device | Key, AccessKey |
| Onelogin Role | onelogin_role | AccessRole |
| Onelogin Service | onelogin_service | Service, Control |
| Onelogin User | onelogin_user | User |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
onelogin_account | HAS | onelogin_service |
onelogin_account | HAS | onelogin_group |
onelogin_account | HAS | onelogin_role |
onelogin_account | HAS | onelogin_user |
onelogin_account | HAS | onelogin_application |
onelogin_application | HAS | onelogin_application_rule |
onelogin_group | HAS | onelogin_user |
onelogin_user | ASSIGNED | onelogin_group |
onelogin_user | ASSIGNED | onelogin_role |
onelogin_user | ASSIGNED | onelogin_application |
onelogin_user | HAS | onelogin_personal_application |
onelogin_user | ASSIGNED | aws_iam_role |
onelogin_user | ASSIGNED | mfa_device |