Spotlight on Spira 6.14 - Single Sign On with OneLogin & OpenID Connect

November 29th, 2021 by inflectra

roadmap sso oauth

In Spira version 6.4 we added support for Single Sign On (SSO) using the industry standard OAuth 2.0 protocol. In our upcoming v6.14 release of Spira we have extended the range of SSO providers we support to include both the popular OneLogin service and also generic OpenID Connect providers, opening the door for any company that has an OpenID Connect compatible authentication system to use it with Spira.

Spira OAuth Support

When we first released the OAuth single signon functionality in Spira 6.4 we provided support for the following providers based on feedback from our customers:

  • Microsoft Active Directory Federated Services (ADFS)
  • Microsoft Azure Active Directory (AzureAD)
  • Google
  • GitHub
  • GitLab
  • OKTA

Based on requests from our customers since v6.4's release, we have added support for OneLogin as well as a generic option for other OpenID Connect compliant providers.

Spira SSO Support for OneLogin

When you enable the new provider for OneLogin, you will see that option available on the login page:

Spira login page

When a user clicks on the button, they will be redirected to the OneLogin login page as configured for your company:

OneLogin login page

From here they can use the normal OAuth flow and either link their OneLogin account to an existing Spira account, or simply create a new unapproved Spira account "on the fly", and a system administrator can then approve that account.

Inside Spira, you simply use the standard OAuth parameters to configure the provider:

  • Client ID
  • Client Secret
  • Authorization URL
  • Token URL
  • Profile URL

OneLogin OAuth Settings

Inside OneLogin, you will configure a new "OpenID Connect (OIDC)" application and use that to generate the parameters, secrets and URLs needed by Spira:

OIDC configuration page inside OneLogin

Spira Support for OpenID Connect

In addition, we have now added a generic "OpenID Connect" provider option for anyone who needs to use Spira with an OAuth 2.0 / OpenID Connect based single-sign-on solution that is not otherwise listed.

Login providers page in Spira

This provider only uses the minimal number of required "OAuth 2.0" claims and therefore should work with any OAuth 2.0 based solution that doesn't deviate from the OpenID Connect standard.

Spira Helps You Deliver Quality Software, Faster and with Lower Risk.

Get Started with Spira for Free

And if you have any questions, please email or call us at +1 (202) 558-6885

Free Trial