Add Your Identity Provider to the Organization Center
The Identity Provider tab within the Organization Center lets you configure your Identity Provider (IdP) relationship to establish Enterprise Sign-In (SSO) for your organization's users. Whichever single sign-on configuration method you choose, you must finalize the relationship with LogMeIn using the Identity Provider tab to complete the setup.
You can set up this configuration either automatically or manually – you cannot do both. If you save one after the other, the last save is accepted.
Add your Identity Provider automatically
The easiest and most robust way to configure SSO is to use a link to your Identity Provider's metadata file if they provide one. The metadata contains additional information that the IdP can use to make the transaction more secure. In addition, since the metadata file is generated, the method is less prone to typographical errors.
- Log into the Organization Center at https://organization.logmeininc.com.
- In the Identity Provider tab, choose Automatic.
- Enter the Metadata URL for your Identity Provider.
- Click Save. The metadata file is uploaded and configures the relationships correctly.
Add your Identity Provider manually
Not all IdPs support a metadata implementation. To set up a manually configured IdP relationship, you enter key data that will get built into the SAML assertions.
- Log in to the Organization Center at https://organization.logmeininc.com.
- In the Identity Provider tab, select Manual from the drop-down menu.
- Enter the data provided by your Identity Provider:
- Sign-in page URL – The IdP’s landing page for authentication requests, which is the full Identity Provider URL path. It must begin with https://.
- Sign-in binding – Select Redirect or POST.
- Sign-out page URL(Optional) – This is the URL where the user is redirected upon log-out.
- Sign-out binding (Optional) – Select Redirect or POST.
- Identity Provider Entity ID – Location of the globally unique name for your IdP as a SAML entity.
- Verification certificate – The IdP’s public certificate used to verify incoming responses from the IdP. You can add it in either of the following ways:
- Copy and paste the text of the certificate. It is required that the field starts with -----BEGIN CERTIFICATE----- and ends with -----END CERTIFICATE-----.
- Click Upload certificate to import the certificate from a saved location.
- When finished, click Save. The configuration is stored in the LogMeIn account service.
- You can now continue on with testing and notifying your users.