SSO setup - Other IdPs (SAML2.0)

Follow

Splashtop now supports logging in my.splashtop.com and Splashtop Business app using the credential created from your SAML 2.0 identity providers, such as Azure AD, Okta, OneLogin, and JumpClould, etc.

For IdPs we don't have a pre-setup app published on their web portal, you can still set it up as an "Others" IdP from my.splashtop.com. Please follow the below instructions to set it up.

Create a custom app from your IdP console

Depending on which IdP you are using, you can follow the instruction from your IdP to create a custom app. Here are some reference articles:

Gsuitehttps://support.google.com/a/answer/6087519?hl=en

PortalGuardhttps://www.portalguard.com/poc-guide/configure-portalguard-identity-provider/portalguard-create-relaying-party.html#

Required configuration information

Option 1: Import the Splashtop metadata file

Metadata file (Global): https://my.splashtop.com/sso/saml2/other_idp/metadata
Metadata file (EU): https://my.splashtop.eu/sso/saml2/other_idp/metadata

 

Option 2: Manually configure these configurations/attributes

  1. Identifier (Entity ID)
    Global: https://my.splashtop.com 
    EU: https://my.splashtop.eu
  2. Reply URL (Assertion Consumer Service URL)
    Global: https://my.splashtop.com/sso/saml2/other_idp/acs
    EU: https://my.splashtop.eu/sso/saml2/other_idp/acs
  3. Sign-on URL: 
    Global: https://my.splashtop.com/login/sso
    EU: https://my.splashtop.eu/login/sso
  4. Relay State (this is to support IdP initiate login): other_idp-login
  5. Metadata requirement:
    urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
  6. Set SSO Response to "signed"
  7. Set SSO Assertion to "unsigned"

Add users to your created app

Depending on which IdP you are using, invite the user or group to the custom app created above. Here is a reference article:

Gsuitehttps://support.google.com/a/answer/6087519?hl=en

Create an SSO method from my.splashtop.com

  1. Log in my.splashtop.com. Go to Account info / Team tab.
  2. Scroll down to the bottom to click Apply for new SSO method.
  3. Select Others as the IDP type.
  4. Insert the required fields.  For A, B, and C, please use the metadata import function.
    other_IDP_en-us.png
    Example:
    other_IPD2_en-us.png
  5. After clicking Save, the validation team will verify the info inserted and verify your domain ownership.

  6. We will activate the SSO method after verifying the domain ownership.

0 out of 0 found this helpful