Splashtop now supports users/groups provisioning from your identity provider. It is SCIM provisioning the method Splashtop supports, please follow the below steps to set up.
We are still submitting the provisioning pre-configured app with Okta and waiting for approval. You will need to manually create an SSO supported app to configure provisioning at this moment.
Create an app with Splashtop SAML supported on Okta
- Instruction: Link
(Note: Please skip this step and go to next one if you already have one.)
Configure Provisioning - Create an SCIM app
- On Okta console, go to Applications to Add Application. Search SCIM then select the SCIM 2.0 Test App (OAuth Bearer Token)
- When at step 2 Sign-On Options during adding the app, configure as below:
- Default Relay State: If you would like to set up IdP-initiate. The Default Relay State is okta-login.
- Application username format: Select Email.
- After the app created, go to Provisioning to click Configure API Integration.
- Check Enable API integration, insert below info:
SCIM 2.0 Base Url: https://my.splashtop.com/scim/v1
OAuth Bearer Token: How to find my Secret token
Click Test API Credentials, you will get a succesful result if configured correctly.
- After setting up Url and Token (step 4), click Edit then enable Create Users, Update User Attributes and Deactivate Users. Leave Sycn Password disabled. Then Save.
Configure Provisioning - Create a customized attribute
- In the created SCIM app, go to Provisioning tab, click Go to Profile Editor.
- In Profile Editor, click Add Attribute.
Insert below info to create a customized attribute.
Data type: string
Display name: ssoName
Variable name: ssoName
External name: ssoName
External namespace: urn:ietf:params:scim:schemas:core:2.0:User
Attribute Required: Check Yes
Scope: Check User personal
Configure Provisioning - Create a Mapping
- Also in the Profile Editor. Click Mappings.
- Go to the right block (Okta User to "your SCIM app name"), then scroll down to find ssoName, insert the SSO method name created on my.splashtop.com / my.splashtop.eu. Pleaser insert with the format "sso method name". Then click Save Mappings.
Start provisioing - Assign users/groups to the application and Push Groups
- Provision users: Go to Assignments tab, click Assign to Assign to People or Assign to Groups.
This will provision users and users in the group.
- Provision groups:
- Go to Assignments tab, click Assign to Assign to Groups, then assign the groups you would like to push.
- Go to Push Groups tab, click +Push Groups button to add the group you would like to provision.
After configuring both the groups will be provisioned.