Vanta's OneLogin integration enables you to control which employees should be automatically marked in and out of scope in Vanta via OneLogin by granting the Vanta application access to users in OneLogin, and by enabling scoping via OneLogin.
IMPORTANT: Be sure to consult Support and/or your auditor to validate the set of employees that should and should not be managed by Vanta
Ensure the Vanta app is configured correctly in OneLogin
Grant the application to employees who should be in-scope in OneLogin
Follow the instructions provided by OneLogin to grant the Vanta app to employees who should be in-scope.
Enable the feature in Vanta
Navigate to the Integrations
Click on the three-dot menu next to OneLogin and select Configure scope
Enable the IdP scoping toggle:
Once this feature is enabled, all employee scoping will be managed through OneLogin, and the scoping toggle in Vanta will be disabled. Vanta will update the scope status for IdP accounts on the following data fetch, which happens hourly.
Using OneLogin for Workspaces
If you use Vanta Workspaces, you can create multiple Vanta OneLogin apps using the instructions here, one for each Workspace. If you choose to enable IdP scoping, the app you connect to each Workspace determines what set of employees are scoped in.