How to setup SSO with OneLogin

BlueTally lets you save time and headaches with our Single Sign-on integration with OneLogin that lets your team members log in and use the app without the need to manually create accounts and new passwords.
Log in to your OneLogin account
Click on "Applications", then on "Add App"
Search for "saml custom connector" and select "SAML Custom Connector (Advanced)"
Give it a name (like BlueTally SAML SSO), upload icons (click here for the rectangular icon, click here for the square icon) and click "Save"
Click on "Configuration" in the left menu bar
Enter "" in the RelayState field,
"" in the Audience (EntityID) field,
"" in the Recipient field,
"" in the ACS (Consumer) URL Validator field,
"" in the ACS (Consumer) URL field and scroll down
(replace CUSTOMLINK with the custom link you want to use to log into the app with)

If your custom link contains a "-", please replace it with a "_" in the last CUSTOMLINK in the Audience (EntityID) field, Recipient field, ACS (Consumer) URL Validator field, and ACS (Consumer) URL field, for example: ""
Enter "" in the Login URL field, change the SAML Initiator to "Service Provider", ensure the SAML nameID format is "Email" and click "Save"
Click on "Parameters" in the left menu bar, and click on "+" to add a new field
Enter "first_name" as the Field Name, tick the "Include in SAML assertion" checkbox and click "Save"
Select "First Name" from the list of values and click "Save"
Enter "last_name" as the Field Name, tick the "Include in SAML assertion" checkbox and click "Save"
Select "Last Name" from the list of values and click "Save"
Click on "Save"
Click on "SSO" in the left menu bar, then copy the "SAML 2.0 Endpoint (HTTP)" and note it down for later, and click on "View Details" under X.509 Certificate
Scroll down and download the certificate
Click on Users and select a user you'd like to be able to sign into BlueTally using SSO
Click on "Applications" in the left menu bar
Click on "+" to add a new application for the user
Select the app you just made (BlueTally SAML SSO) and click "Continue"
Make sure "Allow the user to sign in" is checked and click on "Save". Repeat this process (Step 15-19) for all the groups or users you'd like to have SSO login
Go to your BlueTally account settings and enter the "CUSTOMLINK" you decided on earlier, paste in the "SAML 2.0 Endpoint (HTTP)", upload the certificate and decide on which role you'd like new users to have by default.

That's it! Once you upload these details into your account settings, we'll complete the setup on our end - this usually takes a few hours. You'll receive an email when everything is ready.

Once SSO has been setup on your account, giving new users access to BlueTally will be done in the OneLogin application you just created. The same goes for removing user access. New users will only appear in the Account User list in BlueTally after they've signed in for the first time.

If you have any questions regarding this integration, send us an email to and we'll assist you with your setup!

You can also receive notifications directly to Microsoft Teams and Slack, integrate BlueTally with Intune, or into your existing workflows by using our powerful API.