SSO setup - Microsoft Entra ID/Azure AD (SAML2.0)

Splashtop supports logging into my.splashtop.com and Splashtop Business app using the same credentials as your SAML 2.0 identity provider. Please follow the below instructions to get the app from Microsoft Entra ID/Azure AD console.

Get the app on Microsoft Entra ID/Azure AD console

1. Log in Azure AD console. Select Enterprise applications

 

2. Click "+ New application".

Azure_AD3_en-us_PM.jpg

3. Search Splashtop from the gallery then add.

5. After adding the app, select Set up single sign on, then select SAML.
Azure_AD5_en-us.jpg

Azure_AD6_en-us.jpg

6. Edit Basic SAML configuration.
Identifier (Entity ID): https://my.splashtop.com
Reply URL (Assertion Consumer Service URL)https://my.splashtop.com/sso/saml2/azure/acs
Sign on URL: https://my.splashtop.com/login/sso 
(There are patterns under each three field which you can copy then paste to the corresponding fields.)
Leave others without changes.
Azure_AD7_en-us.png

7. Edit User Attributes & Claims.
Unique User Identifier: keep user.userprincipalname or user.mail, or any field you use to manage team user's email address (the value has to be email address).
Leave others without changes.

8. Done!

***For JIT provisioning, please add a group claim:
1. In the set up SSO app on Microsoft Entra ID/Azure AD, go to Single sign-on page.
2. On the Attributes Claims block, click Edit.
2022-09-06_14-24-36.png
3. On the Edit page, click Add a group claim.
4. On the Group Claims setup, select Security Groups.
5. Click Save.
2022-09-06_14-24-54.png
6. Done!

Add user/group to the created app

Click Add user/group to add users to the created enterprise application so the user can use SSO feature.

Apply for an SSO method from my.splashtop.com

Now you have the Login URL, Microsoft Entra ID/Azure AD Identifier, and Download Certificate (Base64). 

Please follow below instruction to insert the info on our web portal (my.splashtop.com) to apply for enabling the SSO with Microsoft Entra ID/Azure AD.
https://support-splashtopbusiness.splashtop.com/hc/articles/360038280751

Note:

After downloading Certificate (Base64), please edit the cert file with a text editor, then copy the contents to insert on my.splashtop.com.

Azure_AD11_en-us.jpg

Additional Resources:

Microsoft Tutorial: Microsoft Entra single sign-on (SSO) integration with Splashtop

If interested you can provision with SCIM for Microsoft Entra ID/Azure AD.

See this article: Provisioning setup - Microsoft Entra ID/Azure AD (SCIM)

2 out of 2 found this helpful