Single Sign-on


    If your question is not addressed below, please contact us through our support form and we'll get back to you shortly.



    faq What is Single Sign-on?
    faq How do I set up single sign-on (SSO) with RemotePC?
    faq How do I configure my RemotePC account for SSO?
    faq How do I generate the SCIM provisioning token for SSO to sync contacts from IdP?
    faq How do I enable SSO for my users?
    faq Is it possible to delete a SSO profile?
    faq How can I disable SSO for a user?
    faq Can I configure my own identity provider for SSO?
    faq Can I login via SSO from my computers and mobile devices?
    faq How do I sign in to my SSO enabled account from the desktop?

    What is Single Sign-on?

    Single Sign-on (SSO) is a one-step user authentication process. If you are the admin of a Team or Enterprise account, you can set up SSO with the identity providers (IdP) of your choice. Your users can access RemotePC using the IdP credentials without another password to manage.

    Note: RemotePC account owners will not be able to sign in using SSO.

    How do I set up single sign-on (SSO) with RemotePC?

    Admin of a Team or Enterprise account can configure SSO to access RemotePC by signing in to a central identity provider. To set up SSO, you need to configure your identity provider and then configure your RemotePC account.

    How do I configure my RemotePC account for SSO?

    To set up SSO for your RemotePC account,

    1. Log in to RemotePC via web browser.
    2. Click the username displayed on the top-right corner and click 'My Account'.
    3. Click 'Single Sign-On'.
    4. Enter a name for your SSO profile.
    5. Enter the URLs and add the X.509 certificate received from your IdP.
      Note: X.509 certificate should only be in .pem or .cer format.
    6. Click 'Configure Single Sign-On'.

      RemotePC

    You will receive an email when SSO is enabled.

    Note: The SSO configuration will be implemented only for your RemotePC account. You can manage SSO for your RDP Connector account on the My Accounts section of the RDP Connector Dashboard.

    How do I generate the SCIM provisioning token for SSO to sync contacts from IdP?

    To generate a token for syncing contacts,

    1. Log in to RemotePC via web browser.
    2. Click the username displayed on the top-right corner and click 'My Account'.
    3. Navigate to the 'Single Sign-On' tab and click the 'Generate Token' button under 'Sync users from your identity provider' to generate a token.
    4. Click the 'Copy Token' button to copy and save the token for future reference.

      RemotePC

    Learn how to sync contacts from Okta, OneLogin and Azure AD.

    How do I enable SSO for my users?

    Admin of Team or Enterprise accounts can either select SSO for login while inviting users to create an account or enable SSO for existing users.

    To invite SSO users,

    1. Log in to RemotePC via web browser.
    2. Go to the 'User Management' tab and click 'Add User'.
    3. Enter the user email address in the 'Email Address' field.
    4. Select group and other preferences for the user.
    5. Select 'Enable SSO'.

      RemotePC
      Note: If you select the checkbox, users won't have to set a password for their account.
    6. Click 'Invite User'.

    To enable SSO for existing users,

    1. Log in to RemotePC via web browser and go to the 'User Management' tab.
    2. Hover on the user you want to edit and click RemotePC.
    3. Select 'Enable SSO'.
    4. Click 'Save'.

    Is it possible to delete a SSO profile?

    Yes, admins can remove a SSO profile from their account.

    To remove SSO profile,

    1. Log in to RemotePC via web browser.
    2. Click the username displayed on the top-right corner and click 'My Account'.
    3. Click 'Single Sign-On'.
    4. Click RemotePC corresponding to the SSO profile you wish to delete.
    5. Click 'Delete' in the confirmation popup to remove the SSO profile.

    Deleting the SSO profile will remove Single Sign-On for all users linked with this profile and they will have to use their registered email and password for login.

    How can I disable SSO for a user?

    To disable SSO for a user,

    1. Log in to RemotePC via web browser and go to the 'User Management' tab.
    2. Hover on the user you want to edit and click RemotePC.
    3. Deselect the 'Enable SSO' checkbox.
    4. Click 'Save'.

    In case you disable single sign-on for a user, they will need to set a new password for their account. Once done, the user must use their email address and new password to login.

    Can I configure my own identity provider for SSO?

    Yes, you can configure your own identity provider for SSO along with a set of parameters as described below:

    • RemotePC uses SAML2 with the HTTP Redirect binding for RemotePC to IdP and expects the HTTP Post binding for IdP to RemotePC.
    • While configuring with SAML, use the following URLs and save the changes.
      1. Single sign on URL:
        https://sso.remotepc.com/rpcnew/sso/process
      2. Audience URL (SP Entity ID):
        https://sso.remotepc.com/rpcnew/sso/metadata
    • Your identity provider may ask if you want to sign the SAML assertion, the SAML response, or both.

    Can I login via SSO from my computers and mobile devices?

    All computers and mobile devices that are currently linked to RemotePC accounts will continue to work as usual. However, if users need to login via an already configured or new device, they'll need the latest versions* of the desktop application and mobile app in order for single sign-on to work. If they haven't signed in to your identity provider, they'll be automatically redirected to the IdP on login.

    RemotePC

    *Note: SSO is supported for RemotePC Windows application version 7.6.31 and higher / and Mac application version 7.6.23 and higher / and iOS app version 7.6.26 and higher / and Android app version 4.2.3 and higher.

    How do I sign in to my SSO enabled account from the desktop?

    To sign in to SSO enabled account via desktop,

    1. Click 'Single Sign-On (SSO)' on the login screen.
    2. Enter 'Email Address' and click 'Login'. You will be redirected to IdP web sign in page.
    3. Enter the username and password registered with IdP, when prompted to enter credentials.

    Upon successful validation of user identity, you will be prompted to go back to the desktop application and you can now continue using your RemotePC account.