SnapLogic
Before You Begin
Introduction
This document describes how to configure Oracle Identity Cloud Service to provide Single Sign-On (SSO) for SnapLogic using SAML.
About SnapLogic
SnapLogic offers cloud integration products to allow customers to connect cloud-based data and applications with on-premise and cloud-based business systems. The products are designed to allow business users with limited technology skills to access and integrate data from different sources.
After integrating SnapLogic with Oracle Identity Cloud Service:
- Users can access SnapLogic using their Oracle Identity Cloud Service login credentials.
- Users can start SnapLogic using the Oracle Identity Cloud Service My Apps console.
- Admins can assign and revoke user access to the SnapLogic app using the Oracle Identity Cloud Service administration console.
What Do You Need?
- An Oracle Identity Cloud Service account with authorization rights to manage apps and users (Identity Domain Administrator or Application Administrator).
- An SnapLogic account with authorization rights to configure federated authentication.
- Make sure that the email ID of each user in SnapLogic matches the primary email ID of the Oracle Identity Cloud Service account.
Configuring the SnapLogic App in Oracle Identity Cloud Service
Use this section to register and activate the SnapLogic app, and then assign users to the app.
Registering and Activating the SnapLogic App
Access the Oracle Identity Cloud Service administration console, select Applications, and then click Add.
Click App Catalog.
Search for
SnapLogic, and then click Add.In the App Details section, enter your SnapLogic Organization name, and then click Next.
Tip: This is the organization name that you received in an email from SnapLogic.
Click Download Identity Provider Metadata. To learn about other methods you can use to access SAML metadata, see Access SAML Metadata.
Tip: Use this file later during SnapLogic configuration in the "Configuring SSO for SnapLogic" section.
Click Finish. Oracle Identity Cloud Service displays a confirmation message.
Click Activate, and then click Activate Application. Oracle Identity Cloud Service displays a confirmation message.
Assigning Users to the SnapLogic App
On the SnapLogic app page in Oracle Identity Cloud Service, select Users, and then click Assign. The Assign Users window appears.
Select users that you want to assign to SnapLogic, and then click OK. Oracle Identity Cloud Service displays a confirmation message stating that the SnapLogic app is assigned to the users that you selected.
Configuring SSO for SnapLogic
Access the SnapLogic app as an administrator using the URL:
https://elastic.snaplogic.com/sl/login.html.The SnapLogic page appears.In the upper-right corner, click the user name. The Manager page appears.
In the left navigation menu, click Settings. The Organization Settings page appears.
Locate the Single Sign-On via SAML v2.0 section, and then click Configure SSO.... The Update dialog box appears.
Click Browse under the Upload Identity Provider (IdP) Metadata field and upload the identity provider metadata that you downloaded during SnapLogic registration. See the "Registering and Activating the SnapLogic App" section.
Click UPDATE.
Verifying the Integration
Use this section to verify that SSO/SLO works when initiated from Oracle Identity Cloud Service (IdP initiated) and SnapLogic (SP initiated).
Verifying Identity Provider Initiated SSO from Oracle Identity Cloud Service
Access the Oracle Identity Cloud Service My Profile console using the URL:
https://<IDCS-Service-Instance>.identity.oraclecloud.com/ui/v1/myconsole.Log in using credentials for a user that is assigned to the SnapLogic app. Oracle Identity Cloud Service displays a shortcut to SnapLogic under My Apps.
Click SnapLogic. The SnapLogic home page appears.
In the upper-right corner, confirm that the user that is logged in is the same for both SnapLogic and Oracle Identity Cloud Service.
This confirms that SSO that is initiated from Oracle Identity Cloud Service works.
Verifying Service Provider Initiated SSO from SnapLogic
Access SnapLogic using the URL:
https://elastic.snaplogic.com/sl/login.html. The SnapLogic login page appears.Click Log in via Single Sign On, enter the Organization name, and then click Log in. You are redirected to the Oracle Identity Cloud Service login page.
Tip: This is the organization name that you received in an email from SnapLogic.
Log in using credentials for a user that is assigned to the SnapLogic app. The SnapLogic home page appears.
In the upper-right corner, confirm that the user that is logged in is the same for both SnapLogic and Oracle Identity Cloud Service.
This confirms that SSO that is initiated from SnapLogic works.
Troubleshooting
Use this section to locate solutions to common integration issues.
Known Issues
SnapLogic displays the message, "Single Sign On authentication failed. Unknown SnapLogic user: <UserName>"
Cause: The email attribute sent by Oracle Identity Cloud Service during SSO doesn't match any existing user in SnapLogic.
Solution: Ensure that the user that you assign to the SnapLogic app has an account in both Oracle Identity Cloud Service and SnapLogic with the same email address.
Unknown Issues
For unknown issues, contact Oracle Support:
Go to https://support.oracle.com.
Select Cloud Support, and then sign in with your support credentials.
In the Cloud Dashboard, confirm that there are no planned outages in Oracle Identity Cloud Service, and then click Create Service Request.
Select Oracle Identity Cloud Service as the service type.
Complete your service request.