SSO setup - Azure AD (SAML2.0)

Splashtop supports logging in to your Gateway and Splashtop On-Prem app using the same credentials as your SAML 2.0 identity provider. Please follow the below instructions to get the app from Azure AD console.

Create an app on Azure AD console

1. Log in Azure AD console. Select an Azure AD Directory, or create a new one.
Azure_AD_en-us.jpg

2. Click Enterprise applications under Manage menu.
Azure_AD2_en-us.jpg

3. Click "+ New application".

Azure_AD3_en-us_PM.jpg

4. Click "+ Create your own application".

4. Input the name od your app and select "Integrate any other application you don't find in the gallery (Non-gallery)", then click "Create".

5. After adding the app, select Set up single sign on, then select SAML.
Azure_AD5_en-us.jpg

Azure_AD6_en-us.jpg

6. Edit Basic SAML configuration.

  • Identifier (Entity ID): onpremise.splashtop.com (Copy Entity ID in Add SSO Method from your Gateway).
  • Reply URL (Assertion Consumer Service URL): https://[Gateway Address]/api/saml/acs (Copy Assertion consumer service URL in Add SSO Method from your Gateway).

Leave others without changes.

7. Edit User Attributes & Claims, then change Unique User Identifier to user.mail. Leave others without changes.

8. Done!

Add user/group to the created app

Click Add user to add users to the created enterprise application so the user can use SSO feature.

Azure_AD10_en-us.png

Apply for an SSO method from your Gateway

Now you have the Login URL, Azure AD Identifier, and Download Certificate (Base64). 

Please follow the below instructions to insert the info on your Gateway to Add SSO method with Azure AD.

Note: After downloading Certificate (Base64), please edit the cert file with a text editor, then copy the contents to insert on your Gateway.

 

0 out of 0 found this helpful