Set up SSO for user management with Azure

Overview

You can use single sign on (SSO) with Vidyard to simplify the sign-in process and allow users to access their account with the same credentials they use every day. This article is written specifically for use with Azure, but you can use any Identity Provider (IdP) to manage user provisioning in Vidyard.

Create an SSO Profile in Vidyard

1. Follow the steps to create an SSO profile in Vidyard.
2. Obtain the ACS URL and Entity ID which you will need to use in your app in Azure (see below).
3. Under SAML Signing Certificate, download the Certificate (Base 64) from Azure and paste into the Public X.509 Certificate field in Vidyard.
   
4. Copy the Login URL from Azure and paste into the SAML Endpoint URL field in Vidyard
   

SAML Settings in Azure

1. Copy the ACS URL from your SSO profile in Vidyard and paste into the Reply URL field in Azure.

2. Copy the Entity ID URL from your SSO profile in Vidyard and paste into the Identifier (Entity ID) field in Azure
3. Leave the Sign On URL field blank
4. Leave the Relay State field blank
5. Leave the Logout URL field blank

Assign users to a team

You will need to assign users to the appropriate team by adding a custom attribute called vyTeam. You can learn more about this in our general article about SSO for user management, and use these instructions to set this up in Azure.

You may also choose to assign the vyTeam value based on membership of a particular group in Azure. For example, you could set the value of vyTeam to User for members of the Azure group "Vidyard Users". You can do this by setting up a custom claim based on these instructions from Microsoft.

1. From your SAML app, navigate to Attributes & Claims > Add New Claim.
2. Enter vyTeam as the Name.
3. Under Claim Conditions, you can specify that membership of a particular group will result in setting the value of vyTeam to a particular value.