Skip to main content

Overview

Wirespeed connects to OneLogin with OAuth 2.0 client credentials so it can:
  • Sync directory users for identity correlation and containment targeting
  • Suspend compromised users during incident response
  • Re-enable suspended users when an incident is resolved
This integration covers directory sync and user containment only. Event log ingestion is tracked separately.

Prerequisites

Before connecting OneLogin in Wirespeed, gather:
  • Your OneLogin subdomain (for example https://acme.onelogin.com)
  • An API Client ID
  • An API Client Secret

Create API Credentials

  1. Sign in to OneLogin as an administrator.
  2. Open Developers > API Credentials.
  3. Create a new API credential pair for Wirespeed.
  4. Choose a scope:
    • Manage users or Manage All if you want Wirespeed to suspend and re-enable users
    • Read Users or Read All is sufficient for directory sync only
  5. Copy the Client ID and Client Secret. The secret may only be shown once.

Connect OneLogin in Wirespeed

  1. In Wirespeed, go to Integrations > Add Integration.
  2. Select OneLogin.
  3. Enter your OneLogin Subdomain, Client ID, and Client Secret.
  4. Save the integration and wait for validation to complete.

Permissions

To suspend or re-enable users, the API credential must include a scope that can update users, such as Manage users or Manage All.

Validation

When you enable the integration, Wirespeed validates the credentials by requesting a small page of users from the OneLogin Users API.