SSO setup - Azure AD (SAML2.0)

Splashtop supports logging into my.splashtop.com and Splashtop Business app using the same credentials as your SAML 2.0 identity provider. Please follow the below instructions to get the app from Azure AD console.

Get the app on Azure AD console

1. Log in Azure AD console. Select an Azure AD Directory, or create a new one.
Azure_AD_en-us.jpg

2. Click Enterprise applications under Manage menu.
Azure_AD2_en-us.jpg

3. Click "+ New application".

Azure_AD3_en-us_PM.jpg

4. Search Splashtop from the gallery then add.

Azure_AD4_en-us.png

5. After adding the app, select Set up single sign on, then select SAML.
Azure_AD5_en-us.jpg

Azure_AD6_en-us.jpg

6. Edit Basic SAML configuration.
Identifier (Entity ID): https://my.splashtop.com
Reply URL (Assertion Consumer Service URL)https://my.splashtop.com/sso/saml2/azure/acs
Sign on URL: https://my.splashtop.com/login/sso 
(There are patterns under each three field which you can copy then paste to the corresponding fields.)
Leave others without changes.
Azure_AD7_en-us.png

7. Edit User Attributes & Claims.
Unique User Identifier: user.mail
Leave others without changes.
Azure_AD8_en-us.png

8. Done!

***For JIT provisioning, please add a group claim:
1. In the set up SSO app on Azure AD, go to Single sign-on page.
2. On the Attributes Claims block, click Edit.
2022-09-06_14-24-36.png
3. On the Edit page, click Add a group claim.
4. On the Group Claims setup, select Security Groups.
5. Click Save.
2022-09-06_14-24-54.png
6. Done!

Add user/group to the created app

Click Add user to add users to the created enterprise application so the user can use SSO feature.

Azure_AD10_en-us.png

Apply for an SSO method from my.splashtop.com

Now you have the Login URL, Azure AD Identifier, and Download Certificate (Base64). 

Please follow below instruction to insert the info on our web portal (my.splashtop.com) to apply for enabling the SSO with Azure AD.
https://support-splashtopbusiness.splashtop.com/hc/articles/360038280751

Note:

After downloading Certificate (Base64), please edit the cert file with a text editor, then copy the contents to insert on my.splashtop.com.

Azure_AD11_en-us.jpg

Additional Resources:

Microsoft Tutorial: Azure Active Directory single sign-on (SSO) integration with Splashtop

If interested you can provision with SCIM for Azure.

See this article: Provisioning setup - Azure AD (SCIM)

1 out of 1 found this helpful