Remove "Login" field after SAML integration.

Avatar
  • updated
  • Under Review

Have the option to only allow authentication through SAML once it's integrated.

Duplicates 2
Separate Pages for OAuth Sources

We are increasingly giving Client end-users access to their computers via Control, and would love to give access via OAuth to Office 365 for some of the clients. However, this is currently not a workable solution because each different OAuth source creates a new login button. If there were a way to have it only display each client button on different named pages, or named themes it would be great. We could give the client a link like https://control.url/ClientA and it would show them only their own login button.

Allow re-arranging the login options on the ScreenConnect login screen when using alternate auth methods like SAML.

Would like to make the SAML login the first login on the screen on the screenconnect login.  Optionally, would like to remove the standard login or otherwise hide it when we have SAML enabled and working.

Avatar
0
Patrick Daniels

Would like to second this.  We want our page to redirect to our own authentication page that handles authentication and multifactor, before letting them log in to ScreenConnect.   Having the ability to turn this feature on/off from WebConfig Options would be great.

Avatar
1
KD-FDI

I agree, now that we have SAML working I don't understand why the username, password and login buttons are active.



Avatar
0
Caitlin M Barnes Team Member
  • Under Review
Avatar
1
Darren K

We allow some of our clients with internal IT to use our ScreenConnect instance. If I link their Azure AD and put the Display Name as them, then it leaks who my clients are to the public. The only alternative is to give them generic names, but then I have to tell my various clients to use the second button, or the third one.


I would really like it if the logon page could match the domain of the user with a given external provider instead of listing the various external providers to the public.


We could simple add a field to the SAML configuration that is the domain name and then it can auto switch.

Avatar
0
Patrick Daniels

Wondering if there's any movement on this.  We'd like to activate SAML auth, pairing it with our AD accounts.  But, we don't want them to also be able to log in with their AD accounts.  With this "dual" login option, seems like we're offering them a workaround for the MFA we're imposing.  I see it was under review 3 months ago.  Any progress on that review?  Thanks!  Patrick

Avatar
0
Adam Browne

Another vote for this please :) obviously with a backup URL so if SAML fails we can still get in using an dedicated admin account with a secondary method. SecretServer has a great implementation for this if anyone needs  some inspiration.

Avatar
0
John Micallef

Yeah this would definitely be a good feature.  Even at least removing the Forgot Password? option as this wouldn't be service by Control at all.

For those who want to hide the Forgot Password? link, simply go to Admin > Appearance and edit the LoginPanel.ForgotPasswordLinkButtonText field and ensure that it is empty (no value).

Hope that helps.

Avatar
0
mp1

We would also like to get directly logged in via our SSO Portal, there should be an attribute - RequestInitiator Biding in SAML for this?

Avatar
0
Emre Gunel

Any update regarding this subject?

Avatar
0
jhardwick

I'd love to see a mapping of the domain name to OAUTH user source in Control -- so these 5 domains go to this OAUTH client.. and anything else goes to the local source for example.  

When a user enters their email address Control would know where to send them for login the same way Microsoft does when you enter a domain that is using federated auth.



Top contributors

Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar