Single Sign-On provisioning setup - OneLogin (SCIM)
Admin of the RemotePC Team and Enterprise accounts can now set up provisioning for their users from the identity provider. RemotePC supports SCIM (System for Cross-domain Identity Management) provisioning method to provision user accounts.
To setup Single Sign-On (SSO) provisioning with OneLogin, the admin needs to:
- Generar token de aprovisionamiento SCIM con cuenta RemotePC
- Create and configure SCIM provisioning app
- Assign users to the provisioned app
El administrador debe generar y utilizar el token de aprovisionamiento SCIM (System for Cross-domain Identity Management) para sincronizar todos los usuarios vinculados con su IdP con la cuenta RemotePC.
Para generar un token,
- Inicie sesión en RemotePC a través del navegador web.
- Haga clic en el nombre de usuario que aparece en la esquina superior derecha y haga clic en "Mi cuenta".
- Vaya a la pestaña "Inicio de sesión único" y haga clic en el botón "Generar token" en "Sincronizar usuarios de su proveedor de identidad" para generar un token.
- Haga clic en el botón "Copiar token" para copiar y guardar el token para futuras consultas.
To configure SCIM provisioning for OneLogin, admin needs to create an app on OneLogin console.
To create the app,
- Login to the OneLogin console using your OneLogin account credentials.
- Click 'Administration' on the top right corner to view your admin console.
- Select 'Applications' from the top menu.
- Click 'Add App' and search for 'SCIM Provisioner with SAML (Core Schema v1.1)', and then click on the app to add.
- Enter the app name and Click 'Save'.
- Click 'Configuration' tab and add below URLs and token:
- SAML Audience URL: https://sso.remotepc.com/rpcnew/sso/metadata
- SAML Consumer URL: https://sso.remotepc.com/rpcnew/sso/process
- API Status: Click the 'Enable' button to enable provisioning
- SCIM Base URL: https://sso.remotepc.com/scim
- SCIM Bearer Token: Enter the SCIM provisioning token generated on your RemotePC account
- Haz clic en "Guardar".
To enable provisioning for user accounts, admin needs to assign users to the SCIM app created on OneLogin console.
To assign users and enable provisioning,
- Navigate to the OneLogin admin console. From the top menu, click 'Users' > 'Users'.
- Click on the user you would like to add to the app or click 'New User' to add a new user profile and click 'Save User'.
- On the user profile, go to the 'Applications' tab and click to select the SCIM app from the drop-down list and click 'Continue'.
- Verify the 'SCIM Username' and click 'Save.
Nota: The 'SCIM Username' needs to be an email address. - From the top menu, click 'Users' > 'Provisioning'.
- Click on any user profile in which you wish to enable provisioning, and click 'Approve'.
Once done, the selected users will be provisioned.