SSO setup - ADFS (SAML 2.0)


BETA Testing only, contact to request.

Splashtop now supports logging in and Splashtop Business app using the credential created from your SAML 2.0 identity providers. Please follow the below instructions to create a Relying Party Trust with AD FS.

Create a Relying Party Trust with AD FS

Follow Microsoft document to create a Relying Party Trust, please check only To create a claims aware Relying Party Trust manually section:

Follow steps 1 to 6 in the document. (Select AD FS 2.0 Profile)

At step 7, Configure URL page, select the Enable support for the SAML 2.0 WebSSO protocol checkbox. Under Relying party SAML 2.0 SSO service URL, type "", then next.

At step 8, Configure Identifiers page, add and

Add a claim

1. Select the Relying Party Trust you just created, click Edit Claim Insurance Policy.

2. Click Add rule, select Send LDAP Attributes as Claims, then next.

3. Select Active Directory as Attribute store, then add E-Mail-Address and User-Principal-Name.
E-Mail-Address: E-mail Address
User-Principal-Name: Name ID 

Add another claim

1. Add another rule with Claim rule template Transform an Incoming Claim.

2. Set up Name ID.
Incoming claim type: E-mail Address
Outgoing claim type: Name ID
Outgoing name ID format: Email 



Apply for an SSO method from

Now you can follow the instruction to insert required info to apply for an SSO method:


a. You should have your own login URL and Issuer to insert on
b. Follow below instructions to get your X.509 info to insert on

Click Service -> Certificates -> View Certificate on the Action menu on the right side. (You should already installed IIS with your certificate.)
Click Details on the Certificate window, and then click Copy to File”4, and choose Base-64 encoded X.509.


Right-click on the exported certificate, then copy the info to paste in the corresponding field on



0 out of 0 found this helpful