How to Configure SAML 2.0 for LogMeIn Central/Pro

Read this before you enable SAML

SAML 2.0 is supported by Common Login Service (CLS), so you must configure the LogMeIn Central/Pro application in Okta to support SAML for all CLS-enabled products (https://accounts.logme.in/, https://www.logmein.com/, https://www.join.me/).

Enabling SAML will affect all users who use this application, which means that users will not be able to sign-in through their regular log-in page. They will only be able to access the app through the Okta service.

Backup URL

LogMeIn Central/Pro does not provide a backup log-in URL where users can sign-in using their normal username and password. Please contact the LogMeIn Central/Pro Support team in order to disable SAML authentication for your account.

Supported Features
Configuration Steps
Notes

Supported Features

The Okta/LogMeIn Central/Pro SAML integration currently supports the following features:

IdP-initiated SSO
SP-initiated SSO
JIT (Just In Time) Provisioning

For more information on the listed features, visit the Okta Glossary.

Configuration Steps

Login to your LogMeIn Central instance as account owner.
Navigate to Users > Login policy.
Password strength: Set to Standard.
Login process: Set to Standard.

NOTE: You must enable these options in order to use SAML authentication.
Contact the LogMeIn Support team and request that they enable SAML 2.0 for your organization.
Include the following with your request:
- IDP metadata: Copy and paste the following:
  
  Sign into the Okta Admin dashboard to generate this value.
- Certificate: Download, then upload and attach the following:
  
  Sign into the Okta Admin Dashboard to generate this variable.
- SignOn URL: Copy and paste the following:
  
  Sign into the Okta Admin Dashboard to generate this variable.
- Domain: [YourDomain]
The LogMeIn Support team will process your request. After receiving a confirmation email, you can start assigning people to the application.
Done!

Notes

The following SAML attributes are supported:

Name	Value
FirstName	user.firstName
LastName	user.lastName
email	user.userName

IDP-initiated SSO

IDP-initiated flow is available only for the LogMeIn Central/Pro application.

SP-initiated SSO

SP-initiated flow is available for all CLS-enabled products (https://accounts.logme.in/, https://www.logmein.com/, https://www.join.me/).

For SP-initiated flow, open the login page for the CLS-enabled product, enter your email, then click Log in.