Pending Review

Offer Office 365 as an authentication source, without need for per-tenant SAML

David N 6 years ago updated by JasonJCT 3 years ago 4

We use Control for both internal use at the MSP but also to give our clients access to their own computers. Right now, we have to use internal authentication in Control and create accounts manually and have a separate password/login process for Control logins.

SAML authentication was recently integrated, which is a good first step. Setting up SAML for one company to authenticate with with Office 365 is great, but when you have dozens of clients who need remote access to their own computers it gets very cumbersome and additionally lists your whole customer list on the login screen.

It would be great to be able to authenticate against Office 365 on the whole, instead of on a per-tenant basis. Is this possible? We can still create lists of users who need access internally, and give permissions and assign computers, but we at least wouldn't need to worry about password issues for Control.


Something as simple as using the domain name from the user's login name to determine which authentication source to use would be a big plus over a drop-down with every domain listed.

Very interested in this as an MSP. Any movement from the dev team?

I need this feature as well. Many customers that are using it for remote access. Been experimenting creating other solutions, but I am no Azure App or SAML auth expert.  Best solution I have so far is connect SAML to an tenant and add other users as guest user in that tenant. But I am unable to apply CW Control roles to the guest user. Works fine with non-guest users in the tenant. CW Control dev team should create and publish a Azure AD app at allows us MSPs to connect customer tenants to our CW Control instances.