How to configure SSO for GoToMeeting

ADSelfService Plus supports AD-based SSO for GoToMeeting and many other cloud applications such as Salesforce, Google Workspace, and Cybozu. With GoToMeeting SSO enabled, users only have to log in once using their AD domain credentials. After logging in, users can securely access their GoToMeeting account without having to enter their username and password again.

ADSelfService Plus supports the service-provider-initiated SSO method for GoToMeeting. Through this method, when users access GoToMeeting via a URL or bookmark, they are routed to the login page of ADSelfService Plus. After they log in, they will be redirected and logged in to GoToMeeting automatically.

Service Provider (SP)-initiated SSO is supported by ADSelfService Plus for GoToMeeting.

SP-initiated SSO for GoToMeeting: When users access GoToMeeting via a URL or bookmark, they are routed to the login page of ADSelfService Plus. After they log in, they will be redirected and logged into GoToMeeting automatically.

Benefits of SSO using ADSelfService Plus

• One-click access to enterprise applications: When SSO is enabled, users simply need to log in to ADSelfService Plus, which acts as the identity provider. Once logged in, users are presented with a dashboard that lists every cloud application they have access to.
• Secure SSO with MFA: ADSelfService Plus' MFA feature can be implemented to protect SSO through advanced authentication methods such as biometrics, time-based one-time passcodes, and QR-code based authentication.
• Policy-based access control: Control who accesses which cloud applications by creating policies based on Active Directory OUs and groups. You can create multiple policies and restrict access to critical business applications to only users who need them.

Follow the step-by-step guide given below to configure SSO for GoToMeeting

Before you begin

Download and install ADSelfService Plus if you haven’t already.

Configuring your Active Directory domain in ADSelfService Plus

ADSelfService Plus utilizes the existing AD domain credentials for authenticating users during SSO. This makes the configuration of AD domains in ADSelfService Plus necessary before enabling SSO for GoToMeeting.

By default, ADSelfService Plus will try to add all the domains that it can discover in the network. If the required domains are automatically added, skip to step 9; otherwise, follow the steps below and add the domains manually.

1. Log in to ADSelfService Plus web console using admin credentials.
2. Click the Domain Settings link located on the top-right corner of the page.
3. An Add Domain Details window will appear.
4. In the Domain Name field, enter the name of the domain you want to add.
5. In the Add Domain Controllers field, click Discover. ADSelfService Plus will try to automatically discover the domain controllers associated with the specified domain.
6. If the domain controllers are not auto-discovered automatically, enter the domain controller name in the field provided, and click Add.
7. You can leave the authentication fields empty if you're not going to use the end user self-service features of ADSelfService Plus.
8. In Add Domain Details window, click Add.

Getting the SSO/SAML Details from ADSelfService Plus

9. Navigate to Configuration → Self-Service → Password Sync/Single Sign On.
10. In the dashboard which displays the list of applications supported by ADSelfService Plus, click GoToMeeting.
11. Click Download SSO Certificate located on the top-right corner of the page.
12. In the pop-up that appears, copy the Login URL and Logout URL.
13. Click Download SSO Certificate to download the PEM file.

    

Configuring SSO settings in GoToMeeting

14. Log in to GoToMeeting with administrator credentials.
15. Navigate to the Identity provider tab and select Manual from the drop-down menu.
16. For the Sign-in page url, paste the Login URL from step 12.
17. For the Sign-out page url (optional), paste the Logout URL from step 12.

    

18. In the Identity Provider Entity ID field, enter the Login URL from step 12.
19. Open the PEM file from step 13 in a text editor (like Notepad), and copy the entire contents of the file (including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines). Paste the certificate file text in the Verification Certificate field.

    

20. Click Save.

Adding your GoToMeeting domain in ADSelfService Plus and enabling SSO

21. Navigate to ADSelfService Plus’ GoToMeeting configuration page.
22. In the Domain Name field, enter the name of the domain for which you have enabled SSO.
23. In the Display Name field, provide an appropriate display name.
24. Provide an appropriate description in the Description field.
25. In the Available Policies field, select the policies for which SSO must be enabled.

    Note: ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy. Click Select OUs/Groups, and make the selection based on your requirements. You need to select at least one self-service feature.

    

26. Click Save.

That’s it! Now users can log into their Citrix ShareFile account automatically using single sign-on.