LogoLogo
HomeContact UsRegister for a live demo!Get a Quote
  • Thinfinity Remote Desktop 5
  • About This Document
  • Introduction
  • What's new in 5.0
  • Architecture
  • Security
  • Upgrade from 4.0
  • Getting Started Section
    • Getting Started
    • Installing Thinfinity® Remote Desktop
    • Using Thinfinity® Remote Desktop for the First Time
      • Verifying the Communication Settings
      • Connecting to a desktop
    • Customizing Thinfinity® Remote Desktop
      • Setting the Access Security Level
        • Access Profiles
          • RDP Profiles
            • Creating an RDP Profile
            • Editing an RDP Profile
            • Disabling an RDP Profile
            • Removing an RDP Profile
            • The "[+]" Profile
          • Weblink Profiles
            • Creating a Weblink Profile
            • Editing a Weblink Profile
            • Disabling a Weblink Profile
            • Removing a Weblink Profile
          • RD Web Access Profiles
            • Creating a RD Web Access Profile
            • Editing a RD Web Access Profile
            • Disabling a RD Web Access Profile
            • Removing a RD Web Access Profile
          • VNC / RFB Profile
            • Creating a VNC Profile
            • Editing a VNC Profile
            • Disabling a VNC Profile
            • Removing a VNC Profile
          • Telnet/SSH profile
            • Creating a Telnet Profile
            • Editing a Telnet Profile
            • Disabling a Telnet Profile
            • Removing a Telnet Profile
      • Testing Internal Access
      • Configuring Internet Access
      • Enabling Remote Sound
      • Mapping Remote Drives
        • Intermediate Disks
        • Shared Folders
    • After Customization
      • Connecting to a Desktop
      • Connecting to an Application
      • Performing a File Transfer
        • Navigating
        • File Options
        • Remote Folder Area Options
        • Downloading and Uploading files
    • Supported RDP Shortcut Keys
  • Advanced Settings Section
    • Advanced Settings
    • Thinfinity® Remote Desktop Manager
      • General
      • Broker
      • Authentication
        • OAuth/2
          • Methods
          • Settings
          • Mappings
          • Configure OAuth with Okta
          • Configure OAuth with Auth0
        • RADIUS
          • Settings
          • Mappings for SSO
        • TOTP (Time-based One-time Password)
          • TOTP Settings
      • Access Profiles
        • RDP Profile Editor
          • General
            • Setting up a Hyper-V Profile
            • Setting up an RDS Collection Profile
          • Display
          • Resources
          • Program
          • Experience
          • Advanced
          • Printer
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication methods
        • Web Link Profile Editor
          • Web Link
          • Permissions
        • RD Web Access Editor
          • General
          • Permissions
        • VNC / RFB Profile Editor
          • Display
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication methods
        • Telnet / SSH Profile Editor
          • Display
          • SSL
          • SSH
          • Options
          • Permissions
          • Authentication methods
          • Access Hours
          • Restrictions
      • Folders
      • Permissions
      • External DLL Authentication Method Settings
      • Duo Authentication Method Settings
        • How to configure DUO
      • SAML Authentication Method Settings
        • Configure SAML with Okta
        • Configure SAML with Centrify
  • Gateway Manager
    • Managing the SSL Certificate
      • The Default Embedded Certificate
      • A Self-Signed Certificate
      • A CA Certificate
  • License Manager
    • License Activation
    • Proxy Activation
    • Get a new Trial Serial Number
    • Activate a Serial Number Online
    • Activate a Serial Number Offline
    • Registering Your License With The License Server Manager
  • Custom Settings
    • Extend the Remote Desktop’s Toolbar
  • Customizing the Toolbar
    • Using customsettings.js
    • Using the 'connect' Method
  • Remote FX
  • Save Session
    • Record a Session
    • Play Recorded Sessions
  • Multi-touch Redirection
  • Enhanced Browser and DPI Support
    • Model Inheritance
    • Property Reference
    • The Calculation Process
    • Examples
  • Silent Install Options
  • Credentials Management
    • User-based Access Profiles
    • Credentials Management
  • Customize Translation
  • Mobile Devices Section
    • Mobile Devices
    • Getting into Thinfinity® Remote Desktop
    • Mouse Control
    • Keyboards and Toolbars
    • Gestures
    • Disconnecting from Thinfinity® Remote Desktop
    • iPad Application
      • Configuration
      • Side Bar
  • Scaling and Load Balancing Section
    • Scaling & Load Balancing
    • Scaling and Load Balancing Configurations
    • Installing Components
    • Configuring a Load Balancing Scenario
    • How to configure your license
  • Integrating Thinfinity® Remote Desktop Section
    • Integrating Thinfinity® Remote Desktop
    • SDK
      • Deploying
      • Using the SDK
      • SDK Login
      • Connect method
        • Placement
        • Destination and Authentication
        • Settings
          • kbdLayout Values
        • Features
        • Events
        • Toolbar Customization
      • Browser Resizing
      • Keystroke Methods
      • SSL Certificate
      • Demo
    • External Authentication
      • Apikey
    • Single Sign On
      • Facebook OAuth Authentication Example
      • Google OAuth/2
        • Google Client ID for Web Applications
      • RADIUS
    • Customizing the Web Interface
      • Changing the Logo
      • Customizing the Web Files
      • Files Location
    • Web Services API
      • Architecture
      • Installing the Web Service
      • Setting up the Communication Settings
      • Profiles Web Service
        • Methods
        • Types
          • The WS Profile type
        • The Demo Applications
      • Analytics Web Service
        • Methods
        • Types
          • WSQueryInfo
          • WSQueryRange
          • WSDBLoginRecord
          • WSSessionRecord
          • WSDBConnectionRecord
          • WSDBBrowserRecord
        • The Demo Application
    • One-Time-URL
      • Configuring the Connection
      • Enabling Features
  • User guide Section
    • User Guide
    • Logging In
    • Advanced Web Features
      • Tree View
      • Listing Options
      • Search bar
    • Accessing from Mobile Devices
      • Connecting with Open Parameters
        • General
        • Display
        • Resources
        • Program
        • Experience
        • Advanced
      • Connecting with Profiles
    • Toolbar
      • Actions
      • File Transfer
      • Options
      • Disconnect
    • Features
      • File Transfer
        • Navigating
        • File Options
        • Remote Folder Area Options
        • Downloading and Uploading files
      • Remote Printer
      • Remote Sound
      • Share Session
      • Mapped Drives
      • Analytics
        • Sessions
        • Connections
        • Logins
        • Browsers
        • Filter
        • Configuring MS SQL Server
          • Analytics Tables Reference
    • Disconnecting
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Integrating Thinfinity® Remote Desktop Section

Single Sign On

PreviousApikeyNextFacebook OAuth Authentication Example

Last updated 4 years ago

Was this helpful?

In a multi-application Single-Sign-On environment users log in once into one application and gain access to all the other applications without being prompted to log in again for each of them.

As different applications and resources support different authentication mechanisms,Thinfinity® Remote Desktop Server has to internally for the supported single-sing-on methods, in order to interpret them into the Thinfinity® Remote Desktop Server local credentials

OAuth 2.0 integration: The configuration options for OAuth 2.0 have been expanded. Now, OAuth /2 authentication servers other than Google are also supported by Thinfinity Remote Desktop Server.

OAuth 2.0 is a protocol that validates users against a remote server. This means that Thinfinity Remote Desktop Server doesn't validate the user internally, using a username and password. The user authentication is relayed to the OAuth 2.0 server. Once the OAuth 2.0 server validates the user, it returns a validation code to Thinfinity Remote Desktop Server. This code will allow Thinfinity Remote Desktop Server to access a token. This token provides access to user information —such as the user email— in the OAuth 2.0 authentication server. Thinfinity Remote Desktop Server uses this token to request this information. Although not specified by the OAuth 2.0 normative, the Profile information server usually returns a JSON object. This JSON object includes values that can be used in Thinfinity Remote Desktop Server to validate the user. These values are mapped to Windows users, so that the corresponding Thinfinity Remote Desktop Server permissions are applied.

In order to use OAuth 2.0 in Thinfinity Remote Desktop Server, add “/oauth2” or “/google” to the Thinfinity Remote Desktop Server URL:

https://<ThinfinityRDServer>/oauth2

This is the callback URL that has to be configured in the AOuth 2.0 server in order to return the user validation code so that Thinfinity Remote Desktop Server can continue with the validation process.

Thinfinity Remote Desktop Server gets its address from the route where the browser request is made. This information cannot be modified.

·

·

Google accounts integration:

Thinfinity® Remote Desktop Server authentication can be integrated to the Google accounts. On the links below you will find the information to set up Thinfinity® Remote Desktop Server to work with this method:

·

·

·

RADIUS integration:

Thinfinity® Remote Desktop Server authentication can be integrated with a RADIUS account. On the links below you will find the information to set up Thinfinity® Remote Desktop Server to work with this method:

Other single-sign-on methods:

·

·

Any other method can also be supported by Thinfinity® Remote Desktop Server. To make any other methods work with Thinfinity® Remote Desktop Server you have to and substitute the password with the .

translate and store different credentials
Facebook OAuth authentication example
Enabling OAuth/2 on Thinfinity® Remote Desktop Server
Google OAuth/2
Google ID for web applications
Enabling Google OAuth/2 on Thinfinity® Remote Desktop Server
RADIUS
Enabling RADIUS on Thinfinity® Remote Desktop Server
map external users to Thinfinity® Remote Desktop Server
Thinfinity® Remote Desktop Server ApiKey mechanism