How to apply for a new SSO method? (SAML 2.0)

Fill out this contact form to trial or subscribe to the SSO feature.


Splashtop now supports logging in / and Splashtop Business app using the credential created from your SAML 2.0 identity providers. Please follow the below instructions to apply for an SSO method for your team.

Insert the IDP/X.509 cert info

1. Go to / with the owner account, then Management/Settings 

2. Scroll down to find Apply for the new SSO method link.


3. Insert the required information:

  • A. Insert a name for your SSO method. 
  • B. Select the Protocol SAML 2.0.
  • C. Choose IDP Type. 
  • D. Enable JIT provisioning if required. (Only available when your IdP is Azure AD)
  • E. Insert the IDP SSO Login URL, IDP Issuer and X.509 Certificate info from your setup:
    Global stack: Okta, Azure AD, JumpCloud, OneLogin or ADFS, or Other
    EU stack: Okta, Azure AD.
      1. Use the metadata import at the bottom of the image below to automatically populate the settings
        1. Upload an XML or enter the URL
        2. Click on the Import button
      2. OR manually enter:
            • For X.509, you need to copy the contents from IdP then paste it to the field below.
            • Be careful on http versus https addresses
  • F. Insert the whitelisted domains:
    - the email address with the whitelisted domains can be invited using the SSO method or
    - the existing Splashtop accounts on the team with the whitelisted domains can be associated with the SSO method.


4. After clicking Save, the validation team will verify the info inserted, and also send you an email to verify the domain.

5. We will activate the SSO method after verifying the domain access.  If you did not already receive a message on setting up a DNS record, please contact your account or sales representative to get this information.

6. After the SSO method is activated, on the same Single Sign On section, check the SSO method(s) under the "Status" column, you would like to enable.


  • You have the option to disable device authentication emails for each SSO method - just uncheck the appropriated SSO method under the "Device Authentication" column
  • You can make the default invitation set to a particular SSO method.  Click the radio button for the appropriate SSO method under the "Default" column.
  • You can check your JIT login URL under the "JIT login URL" column.


  • SSO login is supported on / and Splashtop Business app (v3.3.8.0 or later)




1 out of 1 found this helpful