1. Help and Support | Digital Theatre+
  2. Authentication
  3. Guidance for Specific SSO Service Providers

Configuring OneLogin to authenticate to Digital Theatre+

This article explains how to use OneLogin to sign your users into Digital Theatre+

Instructions

Add the DT+ App

  1. Sign into your OneLogin tenant.  Your tenant will be accessed via a URL unique to your organisation, for example: https://<your-organisation>.onelogin.com 
  2. Click Applications
  3. Click Add App
  4. In the Search field, enter: Digital Theatre
  5. Select the DT+ SAML 2.0 Application
  6. Modify the Display Name to be: Digital Theatre+ (to avoid confusion)
  7. Click Save

Once saved, additional configuration options will become available:

Screenshot showing Digital Theatre+ configuration screen in OneLogin portal

Gather information to send to Digital Theatre+

  1. Click SSO
  2. Under X.509 Certificate, click View Details
  3. Download the X.509 PEM Certificate
  4. Click Applications
  5. Click the Digital Theatre Application you added in the previous step
  6. Click SSO
  7. Send the following information to the Digital Theatre+ team via https://sso.digitaltheatreplus.com
    1. SAML Signature Algorithm (either SHA-1 or SHA-256)
    2. Issuer URL
    3. SAML 2.0 Endpoint (HTTP)
    4. X.509 Certificate
    5. Email domains that your users sign in with (so that users are redirected to your OneLogin Identity Provider) when they go to https://edu.digitaltheatreplus.com, click Sign In and enter their email address.

Screenshot showing SSO configuration for Digital Theatre+ in OneLogin portal

Apply the ACS URL suffix

Digital Theatre+ support will provide the ACS URL after importing the information you sent in the previous step.

  1. Click Configuration
  2. Put the last part of the ACS URL (the suffix) into the ACS URL suffix field
    1. For example, if Digital Theatre+ support provided an ACS URL of: https://auth.digitaltheatreplus.com/sso/saml2/0oa9yuusintknvTx44x7 then 0oa9yuusintknvTx44x7 is the value you need to put in this field.
  3. Click Save

Test Sign In

  1. Using your web browser, go to the full ACS URL.  This triggers the sign in flow.  You will be redirected to your OneLogin Identity Provider.
  2. Enter your credentials (if not already signed in)
  3. You will be authenticated to Digital Theatre+

Confirm Sign In is working

  1. Let Digital Theatre+ support know that sign in is working for you, and redirection of users signing in with your email domain(s) will be enabled