Single Sign On (SSO) is an authentication process that grants users access to multiple software programs through a single set of login credentials.
SSO eliminates the need for users to remember and update several sets of usernames and passwords. It also allows organizations greater control over the administration of users and the allocation of company tools.
Vidyard's SSO (SAML 2.0) feature allows you to manage both user-creation and the sign-in process through one or more Identity Provider tools (IdPs).
You can also pass custom attributes from your IdP to Vidyard to indicate both what team a user belongs to and allocate a GoVideo seat (if applicable).
- You must be a member of the Admin team
Create an SSO profile
A "profile" is an SSO configuration. If necessary, you can create multiple SSO profiles to manage user authentication—for example, if your company manages more than one IdP. However, in most cases, you will only require one profile.
- From the Vidyard dashboard, select Admin > Single Sign On
- Click on Add Profile
- Give your profile a name
- Provide your IdP with the ACS URL from Vidyard
- Remember that every IdP is different; it may require that you add the URL to more than one type of field during set up.
- Obtain the X.509 Certificate and SAML Endpoint URL from your IdP and enter them into the fields provided in Vidyard.
- Click Save Changes
Assign users to a Team
To assign users to a Team, you will need to configure your IdP to pass a custom attribute to Vidyard in the format of
If you have a paid subscription to GoVideo, you can also grant users a GoVideo seat with the custom attribute
- Use the dropdown menu to select what Team a user will be assigned to should they sign in without a valid
Note: every IdP has its own way to pass custom attributes as part of the SAML assertion to a service provider app (i.e. Vidyard). Consult with your IdP vendor if you need help understanding how to use custom attributes.
Does Vidyard sign users out after a duration of inactivity?
- Yes. A user's session will timeout after 24 hours inactivity. After that time, they will be required to sign in again.
Does Vidyard require identities to be provisioned and de-provisioned in its database?
- Vidyard supports account provisioning through any SAML IdP. Just-in-time provisioning creates an account upon a successful SAML assertion.
- If user access is removed in the IdP, the user will remain in Vidyard but the account will be inaccessible. Because we cannot delete a user in Vidyard via the IdP, an administrator will have to manually remove the user's account from Vidyard thereafter.
Does Vidyard allow for both IDP & SP-initiated sign in workflows?
- Vidyard currently allows for IdP-initiated sign in. In other words, users must sign in to their IdP first and select the Vidyard application to authenticate.
Can you sign in to the Vidyard Chrome extension or web app through SSO?
- You cannot currently sign in to the Chrome extension or app (Vidyard for Gmail, Outlook, etc.) through a "sign in via SSO" option. Users should initiate the sign in process to Vidyard through their IdP; then, once they have an authenticated session, open the Chrome extension or Vidyard app and use the "Continue as" option to access their account.