OneLogin Configuration

Twingate integrates with OneLogin in order to both synchronize user accounts and delegate user authentication to OneLogin. Only users that are active in OneLogin will be able to use Twingate and access private resources.

Twingate delegates user authentication to OneLogin based on the OneLogin application(s) that you link to Twingate. When activating your Twingate account with OneLogin, you will need to set up an Access Policy. The Client Access Policy determines what default authentication policy applies to users of the Twingate client application. This always applies to users connecting to Twingate.

Follow the steps below to configure Access Policies in the OneLogin Admin UI.

Creating a Client Access Policy

The Client Access Policy is the OneLogin policy that is used to authenticate users when they connect to Twingate via the desktop or mobile app.

To create a Client Access Policy, follow the steps detailed in OneLogin Access Policies to create a new application in OneLogin. This application will be linked to Twingate by reference to its client ID and secret.

  • We suggest calling this policy "Twingate Users" or similar, for clarity.

Creating additional Access Policies

You can create additional Access Policies in OneLogin in order to apply different authentication policies to different Roles in Twingate. This allows you to set policies that match the level of security required by different groups.

To create additional policies, follow the steps detailed in OneLogin Access Policies to create a new application in OneLogin. You can then link this application to a new Access Policy in the Twingate admin console.

Updated 4 months ago

What's Next

The following instructions apply when creating any Access Policy in OneLogin.

OneLogin Access Policies
First-time Configuration

OneLogin Configuration

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.