How to apply for a new SSO method? (SAML 2.0)

Splashtop now supports logging in to your Gateway and Splashtop On-Prem app using the credentials created by your SAML 2.0 identity providers. Please follow the below instructions to apply for an SSO method for your team.

Requirements

  • Splashtop Gateway v3.24.0 or higher

Insert the IDP/X.509 cert info

1. Log in to your Gateway with the owner account, then go to Management/Settings/Authentication/Single Sign-On.

2. Click "Add" to add Gateway URL. Please fill in the correct Gateway URL to ensure the connection between Gateway and IDP.

3. Click "Add SSO Method”, then insert the required information and save the settings for your SSO method.

  • General Settings

    • SSO Name: Insert a name for your SSO method. 

    • Notes: Insert the notes for your SSO method.

  • Identity Provider Settings

    • Entity ID: Please copy Entity ID and Assertion consumer service URL from Gateway, then paste it to your IDP.

    • Assertion consumer service URL: Please copy Entity ID and Assertion consumer service URL from Gateway, then paste it to your IDP.

    • Download service provider metadata: In addition, we also provide a metadata download for you to import SP's metadata in IDP.

  • Service Provider Settings

    • Protocol: Fixed to SAML 2.0.

    • IDP Type: Choose IDP Type. 

  • Metadata (Insert the IDP SSO Login URLIDP Issuer, and X.509 Certificate info from your IDP: OktaAzure ADJumpCloudOneLogin or ADFS, or Other IdPs)

    • Use the metadata import to automatically populate the settings

      • Upload an XML or Import from URL

    • OR Add manually

      • For X.509, you need to copy the contents from IdP and then paste it to the field below.

      • Be careful on http versus https addresses

     

4. After clicking "Save", the SSO method will be enabled. 

  • You can enable/disable/remove the SSO method in the gear button.

  • You have the option to disable device authentication for each SSO method - just uncheck the appropriate SSO method under the "Device Authentication" column.

  • You have the option to disable browser authentication for each SSO method - just uncheck the appropriate SSO method under the "Browser Authentication" column.

  • You can also set the default SSO method. Click the radio button for the appropriate SSO method under the "Default" column.

Note:

  • SSO login is supported on Gateway (v3.24.0 or higher) and Splashtop On-Prem app (v3.5.8.0 or higher)

1 out of 2 found this helpful