Federated Authentication Overview

Federated User Authentication enables organizations to use their own Identity Provider (IdP) as the source to verify the identity and to authenticate a user before permitting them to select a remote workstation. Once the desired workstation is selected, the user needs to provide the username and password to authenticate at the remote workstation.

Federated Authentication with Single Sign-On (SSO)

Federated Authentication is a feature that permits using the IdP to authenticate to the point of selecting your desktop from the list of workstations, and you need not to authenticate again to log in. If you are interested in this functionality, please discuss with your HP account representative.

Prerequisites

To use the Federated Authentication Functionality, you must meet the following criteria:

• CMSG 23.01 or later.
• HP PCoIP Client version 23.01.0 or later
• An Identity Provider that supports OAuth2
• A custom or third-party broker that supports Federated User Authentication using the PCoIP Broker Protocol

Next Steps

In order to successfully configure Federated Authentication, you need to follow the steps below in order:

1. Configure a third-party IDP.

   • Configure Okta
   • Configure Azure Active Directory

2. Enable Federated Authentication