By integrating your Vidyard Video Hub with SAML SSO (Single Sign-ON), you can provide authenticated access to videos through your existing SSO portal.
This article is written specifically for the Okta IdP (Identity Provider), but any SAML 2.0 IdP will integrate with your Video Hubs.
Once SSO is configured for your hub, each video hub appears as a separate Okta app, allowing you to restrict access on a per hub basis. Before configuring the Okta app, your Vidyard Video Hub must first be configured to force authentication.
Note: The following steps assume you have set up and configured a video hub. For more information, refer to our article on How to Set up a Video Hub.
Enable SAML 2.0 on your Video Hub
- From the Vidyard dashboard, select Channels > Hubs.
- Click Edit next to the hub you wish to modify.
- Click on the Security tab.
- From the Manage Users dropdown, select Single Sign On (SAML 2.0).
- Click Save.
Note: The Use HTTPS for all requests toggle must also be enabled in order to use SSO.
If you are using a CNAME for your video hub domain, please contact Vidyard Support. Further steps are required to create a secure connection between your chosen domain and Vidyard's.
Create an SSO application in Okta
Once your hub has been configured for Okta SSO, you’ll need to create an Okta App for your hub so users can authenticate using their Okta credentials. You will be copying and pasting configuration details between Vidyard and Okta.
Complete the steps below to build the app:
- Log into Okta with admin access.
- Click Applications.
- Click Add Application.
- Click Create a New App.
- Enter a name for the app and click Next.
- Copy the ACS (Assertion Consumer Service) URL from Vidyard and paste it into the Single sign on URL textbox in Okta.
- Check the Use this for Recipient URL and Destination URL checkbox.
- Copy the Audience URL from Vidyard and paste it into the Audience URI (SP Entity ID) textbox in Okta.
- In the Name ID format dropdown, select EmailAddress.
- In the Application username dropdown, select Email.
- Click Next.
- For the App type, check both I'm an Okta customer adding an internal app AND This is an internal application that we created.
- Click Finish.
- You will be directed to the Sign On tab in Okta. Under SAML 2.0, click View Setup Instructions. This will open a new browser tab.
- From this tab, copy the X.509 Certificate and paste it into the requested location in Vidyard.
- Copy the Identity Provider Single Sign-On URL and paste it into the SAML Endpoint URL field in Vidyard.
- Click Save.