Setting up OneLogin to work with Tailscale
You will have to contact us to enable your domain for OneLogin authentication, following the steps below. We are actively working to make this process more automated.
-
In the OneLogin dashboard, go to Applications.
- Select Add App
-
Search for "OIDC" and select OpenID Connect (OIDC).
-
Set the Display Name to "Tailscale."
- Select Save.
-
Under Configuration:
- Add to Redirect URIs:
https://login.tailscale.com/a/oauth_response
- Select Save
- Add to Redirect URIs:
-
Under SSO:
- Set Refresh Token Minutes to 40320 (4 weeks)
- Select Save
-
When done, fill out the Identity provider configuration or change section of the support form.
-
Make sure all users you want to be able to log in are enabled for the Tailscale application in OneLogin.
After you send us your OneLogin app information, note that it may take up to two business days to activate your domain.