LogMeIn support sites no longer support Microsoft's Internet Explorer (IE) browser. Please use a supported browser to ensure all features perform as they should (Chrome / FireFox / Edge).

The GoTo support site no longer supports Safari 15. Please upgrade your browser to Safari 16 (or newer) or switch to a supported browser such as Google Chrome, Mozilla Firefox, or Microsoft Edge.

Award-winning online meeting software. Discover GoTo Meeting.

We are currently experiencing an unplanned outage for this product. View Service Status
  • Support
  • Products

    Explore support by product

    GoTo Connect

    All-in-one phone, meeting and messaging software

    GoTo Meeting

    Video and audio meeting software

    GoTo Webinar

    All-in-one webinar and virtual events software

    GoTo Room

    Conference room hardware

    GoTo Training

    Online training software

    OpenVoice

    Audio conferencing software

    Grasshopper

    Lightweight virtual phone system

    join.me

    Video conferencing software

    GoTo Resolve

    IT management & support

    GoTo Resolve MDM

    Mobile device management

    Pro

    Remote device access

    Central

    Remote monitoring & management

    Rescue

    Remote IT support

    GoToMyPC

    Remote desktop access

    GoToAssist

    Remote support software

    Hamachi

    Hosted VPN service

    RemotelyAnywhere

    On-prem remote access solution
  • Community
  • Trainings
  • Service Status

  • Language selector icon Language selector icon
    • English
    • français
    • italiano
    • Deutsch
    • español
    • português
    • Nederlands
  • Contact Support
  • Service Status
  • User Avatar User Avatar
    • Support
    • Contact Support
    • Browse Products
    • Service Status
    • Community
    • Trainings
    • Sign in
    • User Avatar
    • My Account
    • Personal Info
    • Sign In & Security
    • My Cases
    • Billing Center
    • https://link.goto.com/myaccount-billing
    • My GoTo Connect
    • My Meetings
    • My Webinars
    • My Trainings
    • My Conferences
    • My Resolutions
    • My Mobile Devices
    • My Sessions
    • My Sessions
    • My Incidents
    • Sign out
  • GoTo Meeting
  • Account and Billing
  • IT Admin Management
  • Enterprise Sign-In
product logo
Back button image Back
Back button image
product logo

Set Up Enterprise Sign-In (SSO)

Set up a SAML-based single sign-on (SSO) option for your global GoTo account to provide a simplified sign-in experience for your users.

Before you begin:
  • You must have a GoTo product account.
  • This is an advanced task typically performed by your IT Admin.
In this article:
  • Step #1: Set up your organization
  • Step #2: Configure an Identity Provider
  • Step #3: Add your Identity Provider to the Organization Center
  • Step #4: Test your SSO setup
  • Step #5: Inform your users
  • (Optional) Request to enforce Enterprise Sign-In

Step #1: Set up your organization

Create your organization by verifying at least one (1) domain used by your company.

Domains within your organization are wholly-owned email domains. For example, in the email Joe@main.com, "main.com" is the email domain. Verifying the initial domain automatically creates your organization. You can also add more domains to verify, or delete any domains you no longer need listed.

  1. Sign in to the GoTo Organization Center at https://organization.logmeininc.com.
  2. The first screen will ask that you verify that you own the domain for the account with which you are signed in currently. You are provided two methods for setting up domain validation, each of which uses a unique verification code to complete the verification. Copy the verification value to your clipboard.
    Note: The verification screen will display until the domain is verified. If it takes you longer than 10 days to verify the domain, the system will automatically generate new verification codes for your domain the next time you visit the Organization Center.
  3. Paste the verification code into the DNS record or a text file for upload to one of the locations, depending on which of the verification methods you choose: 

    • Method 1: Add a DNS record to your domain zone file. To use the DNS method, you place a DNS record at the level of the email domain within your DNS zone. Typically, users are verifying a “root” or “second level” domain such as “main.com”. In this case, the record would resemble:

      @ IN TXT “logmein-verification-code=668e156b-f5d3-430e-9944-f1d4385d043e”

      OR

      main.com. IN TXT “logmein-verification-code=668e156b-f5d3-430e-9944-f1d4385d043e”

      If you require a third-level domain (or subdomain) such as “mail.example.com” the record must be placed at that subdomain, such as:

      mail.main.com. IN TXT “logmein-verification-code=668e156b-f5d3-430e-9944-f1d4385d043e”

      For more detailed documentation, see Add a TXT DNS record.

    • Method 2: Upload a web server file to the specified website. Upload a plain-text file to your web server root containing a verification string. There should not be any whitespace or other characters in the text file besides those given.
      • Location: http://< yourdomain >/logmein-verification-code.txt
      • Contents: logmein-verification-code=668e156b-f5d3-430e-9944-f1d4385d043e
  4. Once you have added the DNS record or text file, return to the domain status screen and select Verify.

Step #2: Configure an Identity Provider

We support SAML 2.0 Identity Providers to include the following:
  • Microsoft Active Directory Federation Services (AD FS)

    Active Directory Federation Services is a feature of the Windows Server operating system that extends user's Windows sign-on access to other applications outside the corporate network. You can configure AD FS to work as an Identity Provider for GoTo's products. Learn how to configure AD FS 2.0 or AD FS 3.0.

  • Third-party Identity and Access Management Providers

    Many third-party Identity and Access Management partners offer SSO as part of their feature set, including:

    • Azure AD
    • Okta
    • OneLogin
    • Active Directory Federated Services (AD FS) v2.0 |  v3.0
    • RSA
    • SecureAuth
  • If your Identity Provider is not listed, proceed to Set Up a Custom Enterprise Sign-In Configuration.

Step #3: Add your Identity Provider to the Organization Center

We recommend that you automatically add the Identity Provider to the Organization Center by using the link to your Identity Provider's metadata file if they have provided one. Since the metadata file is generated, it is less prone to typographical errors.

If your Identity Provider does not supply a metadata file, you will need to manually add your Identity Provider.

  1. Sign in to the GoTo Organization Center at https://organization.logmeininc.com.
  2. Select the Identity Provider tab.
  3. If you have a metadata file from your IdP:
    1. Choose Automatic from the drop-down menu.
    2. Enter the Metadata URL.
  4. If you do not have a metadata file from your IdP:
    1. Choose Manual from the drop-down menu.
    2. Enter the data provided by your Identity Provider:
    Option Description
    Sign-in page URL Enter the full IdP URL path. It must begin with https://.
    Sign-in binding Select Redirect or POST.
    Sign-out page URL Enter a URL where you want your users redirected upon sign-out.
    Sign-out binding Select Redirect or POST.
    Identity Provider Entity ID Location of the globally unique name for your IdP as a SAML entity.
    Verification certificate The IdP’s public certificate used to verify incoming responses from the IdP. You can add it by uploading (select Upload certificate to import the certificate from a saved location) or copy and paste the text of the certificate.
    Tip: If you choose to copy and paste the text of the certificate, it is required that the field starts with -----BEGIN CERTIFICATE----- and ends with -----END CERTIFICATE-----.
  5. Select Save.

Step #4: Test your SSO setup

  1. Sign in to your GoTo Meeting account to test your newly established Enterprise Sign-In setup.
    Note: If you are not automatically redirected, select My Company ID, then enter your email address and select Continue.
  2. Enter your company credentials, then proceed to sign in.

Step #5: Inform your users

Let your users know that they will receive a Welcome email that contains their Company ID (username) that they can now use to sign in to their GoTo Meeting account.
Tip: Once a user signs in to their account via Enterprise Sign-In, their account status will be displayed as "Enabled" in the admin portal.

(Optional) Request to enforce Enterprise Sign-In

If you are interested in enforcing enterprise sign-in as the only sign-in method available for your GoTo Meeting users, select the  Contact Support option in this article for assistance.
Note: We can create an exclusion list, but this exclusion list will only apply to users with a Member role. We cannot exclude Admins and Super admins.
Related Articles
  • Set Up a Custom Enterprise Sign-In Configuration
  • How do I sign in using single sign-on?
  • SAML Signing Certificate for Enterprise Sign-In
  • Set Up Enterprise Sign-In Using AD FS 2.0
  • Set Up Enterprise Sign-In using AD FS 3.0
Article last updated: 6 November, 2023
You are viewing the latest version of this article.

Need help?

Contact icon Contact support
Community icon Ask the Community
Training icon Attend trainings
Video icon Watch videos
  • Language selector icon Language selector icon
    • English
    • français
    • italiano
    • Deutsch
    • español
    • português
    • Nederlands
  • About Us
  • Terms of Service
  • Privacy Policy
  • Trademark
  • Browse Products
  • Copyright © 2024 GoTo Group, Inc. All rights reserved

Collaboration Products

GoTo Connect

GoTo Meeting

GoTo Webinar

GoTo Training

join.me

Grasshopper

OpenVoice

Remote Solutions Products

GoTo Resolve

Rescue

GoToAssist

Access Products

Pro

Central

GoToMyPC