I’ve dealt with a lot of integration projects involving Single Sign-On using SAML2.0 but LogMeIn Rescue’s process for achieving this threw me for a loop initially. I’d like to share a little insight to hopefully help others achieve SSO using LMI Rescue with minimal pain.
If you search for “LogMeIn Rescue SAML SSO” in Google, you will probably find a help document from LogMeIn describing how to use SAML1.1 for SSO. Ignore this document! It’s outdated and if you call LogMeIn for help on SAML issues they will give you a completely different document to follow.
LogMeIn Rescue supports two types of SAML authentication; IDP-Initiated SSO with POST Bindings and SP-Initiated SSO with Redirect or POST Bindings. This document will mostly deal with the IdP-initiated authentication as it’s easier to walk through the process without getting too deep into the SAML IdP configuration.
LogMeIn Rescue, unlike almost every other SAML SP out there, requires you to contact them directly to get SAML authentication working with your SAML IdP. It’s a drawn out process due to the lack of automation but it can be painless if you get the right technician/rep. They will require three main pieces of information which you should have readily available so that you won’t delay the process longer than it already will be.
- SAML IdP Public Certificate
- SAML IdP URL
- SAML IdP Issuer
You will also need to request your CompanyID from your rep. This will be a required attribute for establishing SAML communication with the LogMeIn Rescue SP.