Click on Add domain and enter the domain you want to activate SSO for.You also need to provide you identity provider’s metadata. This step is required independent of which IdP is used.For security reasons and to prevent abuse, it is required to verify the domain ownership before the feature is activated.Add a new domainTo activate SSO, log in to Management Console and select the Single Sign-On menu entry. ![]() Once activated, all users that sign into a corresponding TeamViewer account are redirected to the identity provider that has been configured for the domain. as domain owners, so that they can also manage the domain and its SSO settings.Single Sign-On (SSO) is activated on a domain level for all TeamViewer accounts using an email address with this domain. This is required in order to make changes to the SSO configuration, even when Single Sign-On doesn't work due to misconfiguration.□Hint2: When adding a domain for Single Sign-On, it is recommended to add additional owners to the SSO domain, since the SSO ownership is not inherited within your company. Example: After the TeamViewer Account adds domain „“ for Single Sign-On, they add multiple company administrators (e.g. After adding the domain, the email address should be added to the exclusion list. ![]() The reason for this is a fallback scenario that you keep the access to the domain configuration even if the IdP is not working. Example: The TeamViewer Account adds domain „“ for Single Sign-On. GeneralThis article applies to TeamViewer customers with an Enterprise/Tensor license.TeamViewer Single Sign-On (SSO) aims to reduce the user management efforts for large companies by connecting TeamViewer with identity providers and user directories.RequirementsTo use TeamViewer Single Sign-On, you needa TeamViewer version or newera SAML 2.0 compatible identity provider (IdP)*a TeamViewer account to access the Management Console and add domainsaccess to the DNS management of your domain to verify the domain ownershipa TeamViewer Tensor license.* Currently we only support Centrify, Okta, Azure, OneLogin, ADFS and G Suite, but we are working on supporting more IdPs in the future. The above IdPs have been tested and detailed steps to set up one of these IdP can be found in this documents and other linked pages about SSO and the respective IdPs. □Note: If you use a different IdP, please use the technical information to set up your IdP manually.□Hint: When adding a domain for Single Sign-On, it is recommended to add the owning account to the exclusion list. Single Sign-On (SSO) - TeamViewer Support
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |