Sorry, the InVision Help Center does not support Internet Explorer. Please download Microsoft Edge or another modern browser.


SSO: Configuring OneLogin for Use with InVision V7

This article provides answers for InVision V7 only. Not sure which version you're using? Find out now.

Getting set up to use OneLogin with InVision V7 involves two primary tasks:

  • Add InVision as a new application in OneLogin.
  • Configure OneLogin in InVision V7.

Adding the InVision app in OneLogin

To add the InVision app in OneLogin:

  1. Sign in to your OneLogin admin page, click Applications in the main navigation, and click Add App.
    one-login-sso-adding-invision-app-step-1-add-app.gif
  2. In the search bar, enter "InVision"; click InVision App in the results list, and then click Save.
    one-login-sso-adding-invision-app-step-2.gif
  3. On the left side, click Configuration.
    one-login-sso-adding-invision-app-step-3.png
  4. In the Subdomain field, enter your InVision team's unique subdomain (e.g., your-subdomain.invisionapp.com), and then click Save.
    one-login-sso-adding-invision-app-step-4.gif
  5. On the left side, click SSO.
    one-login-sso-adding-invision-app-step-5.png
  6. Make note of the URL in the SAML 2.0 Endpoint (HTTP) field.
    one-login-sso-adding-invision-app-step-6-url.png
    You'll need this URL for the "Configuring OneLogin in InVision V7" instructions below.
  7. Below the X.509 Certificate field, click View Details, and set the SHA fingerprint dropdown to SHA256.
    one-login-sso-adding-invision-app-step-7-sha-fingerprint.gif
  8. Copy the X.509 certificate, and then click Save.
    one-login-sso-adding-invision-app-step-8-certificate.gif
    You'll need the certificate for the "Configuring OneLogin in InVision V7" instructions below.

Configuring OneLogin in InVision V7

To perform this action, you must be an owner on the Enterprise account.

To use and configure OneLogin as your Enterprise team's IdP in InVision V7:

  1. Sign in to your InVision Enterprise here: your-team-name.invisionapp.com
  2. In the lower-left corner, click the [Your Team Name] dropdown, and then click People & Team settings.
    The Team page will open with the People tab active.
  3. Click the Settings tab, and then click Single sign-on.
  4. Toggle on Require SSO for every member of [your Enterprise team].
  5. Enter the details you gathered during steps 6 and 8 of the "Add the InVision app in OneLogin" instructions:
    • In the SAML Certificate field, paste the X.509 Certificate data you copied in OneLogin.
    • In the Sign-in URL field, enter the SAML 2.0 Endpoint (HTTP) URL you saw in OneLogin.
  6. Click the HASH Algorithm dropdown and select SHA-256.
  7. In the SSO Button Label field, enter the name you want your InVision Enterprise members to see when signing in (e.g., "Sign in with OneLogin").
  8. Fine-tune the sign-in experience as wanted, and then click Update.
    configure-onelogin-in-invision-v7.gif

After completing the steps above for both OneLogin and InVision, any time a user attempts to sign in to your InVision V7 subdomain, they will be prompted to use SSO with OneLogin.


Learn something new

Getting Started Guides