Skip to content

Single Sign-On Overview

Federated User Authentication enables organizations to use their own Identity Provider (IdP) as the source to verify the identity and to authenticate a user before permitting them to select remote workstation. By Configuring Single-Sign-On, the user does not need to authenticate and directly connects to the remote workstation once the desired workstation is selected.

Federated Authentication with Single Sign-On (SSO)

Single Sign-On is a feature that permits using the IdP to authenticate to the point of selecting your desktop from the list of workstations, and you need not to authenticate again to log in.


To use the Federated Authentication Functionality, you must meet the following criteria:

  • CMSG 23.01 or later.
  • HP PCoIP Client version 23.01.0 or later
  • HP PCoIP Windows Agent 23.01.0 or later (SSO is not supported on Linux or MacOS)
  • An Identity Provider that supports OAuth2
  • A custom or third-party broker that supports Federated User Authentication using the PCoIP Broker Protocol

Next Steps

In order to successfully configure Single Sign-On, you need to follow the steps below in order:

  1. Configure a third-party IDP.

  2. Prepare for SSO

  3. Enable Federated Authentication with SSO