Vidyard supports SAML-Based Single Sign-On (SSO), a secure way to streamline your team’s sign-on and user-creation process.
If you're not familiar with this system, here's a quick rundown of some important terms before we start:
Single Sign-On (SSO):
SSO is an authentication process which lets users sign into multiple applications with a single set of credentials.
Security Assertion Markup Language (SAML):
SAML is a fast, secure, and popular SSO standard.
Identity Provider (IdP):
IdP refers to a service which provides the centralized authentication platform to manage user identities for your organization.
With SAML-SSO Authentication enabled, your IdP will host your users’ information. This includes sign-on credentials and metadata, such as name, username, and the name of the role to which users are assigned.
Important: This means that user creation, deletion, and assigning user roles will be managed within your IdP. Contact your IdP admin to set your user roles or to make changes to users.Here's how your IdP creates a user in Vidyard:
Your Vidyard account is used to organize the users that your IdP sends along. This includes managing what the roles are within Vidyard, and which permissions each role has within the Vidyard platform. However, users cannot be moved between roles in Vidyard – these changes must be made in your IdP.
Important: Role names in Vidyard must be an exact match to the roles set in your IdP. Coordinate with your IdP admin to set or make changes to role names. This is character, case, and space-sensitive.
To set role permissions:
CAUTION: We strongly recommend that you set Manage Single Sign-On to OFF for any non-administrator roles. This permission has the ability to disable Single Sign-On for your group.
Any user logged into Vidyard with a successful SAML authentication who does not have a role assigned in the IdP will be assigned the default role.
To set the default role:
GoVideo Enterprise customers with Single Sign-On enabled must also invite users to GoVideo using their IdP.
To invite GoVideo users using SSO: