-
Notifications
You must be signed in to change notification settings - Fork 166
Browser Integration
📝 This Wiki page has moved. For the latest content, see Connect to VMs from within a web browser on the IAP Desktop documentation page. |
---|
You can launch IAP Desktop from within a web browser by using iap-rdp:///
links.
To enable the feature, do the following:
- Open IAP Desktop.
- Go to Tools > Options
- On the General tab, set Allow launching IAP Desktop from a web browser to enabled.
By default, the feature is turned off.
IAP Desktop supports the following format for iap-rdp:///
URLs:
iap-rdp:///project-id/zone-id/instance-name
Where:
-
project-id
is the ID of the project, for examplemy-project-123
. -
zone-id
is the ID of the zone a VM is running in, for exampleus-central1-a
. -
instance-name
is the name of the VM instance, for examplemy-instance-1
.
Note: Instead of a triple-slash, you can also use a single slash: iap-rdp:/project-id/zone-id/instance-name
.
Optionally, you can add additional parameters to the URL to customize the connection behavior:
iap-rdp:///my-project-123/us-central1-a/my-instance-1?Username=bob&DesktopSize=1
The following parameters are supported:
Parameter | Value |
---|---|
Username |
Windows username (SAM format) |
Domain |
Domain (NetBIOS format) |
RdpPort |
RDP port the server is listening on. Use this parameter if you've configured Windows to use a listening port other than 3389. |
ConnectionBar |
Controls whether the connection bar is shown in full-screen mode:
|
DesktopSize |
Controls the remote desktop resolution/size:
|
ColorDepth |
Controls the color depth of the remote desktop:
|
AudioMode |
Controls how audio is played:
|
RedirectClipboard |
Controls whether clipboard contents are shared with remote desktop:
|
RdpRedirectPrinter |
Controls whether local printers are shared with remote desktop:
|
RdpRedirectSmartCard |
Controls whether local smart cards are shared with remote desktop:
|
RdpRedirectPort |
Controls whether local ports are shared with remote desktop:
|
RdpRedirectDrive |
Controls whether local drives are shared with remote desktop:
|
RdpRedirectDevice |
Controls whether local devices are shared with remote desktop:
|
RdpHookWindowsKeys |
Controls whether the remote desktop handles Windows shortcuts (like Win+X):
|
CredentialGenerationBehavior |
Controls whether the user is offered to generate new credentials when connecting:
The parameter is ignored when you use |
CredentialCallbackUrl |
Callback URL for Windows logon credentials. When provided, IAP Desktop sends an HTTP
GET request to this URL and expects a response in the following format:
{ Domain: "domain", User: "user", Password: "password" }IAP Desktop then uses these credentials to automatically log on the user. The response must use the content type application/json .
Use URL signing or similar mechanisms to ensusre that callback URLs can only be retrieved once, or stay valid for a limited period of time only. |
- URLs can't contain Windows passwords. To automatically log on users, specify a
CredentialCallbackUrl
. - Connecting to VM instances from within a web browser is currently not supported for SSH.
- Read more about connecting to Windows VM
- See how you can connect to Linux VMs by using SSH
- Use IAP Desktop to view instance details
IAP Desktop is an open-source project and not an officially supported Google product.