How to set up Google Single Sign-On (SSO) for your Video Hub
You can set up Google Single Sign-On (SSO) authentication for your Vidyard Video Hub and even have your Hub accessible from the G Suite (Google Apps for Work) App menu. This allows you to provide a secure, easy-to-access, and centralized location for all your internal Vidyard players - even a Live stream channel!
There are two requirements to set up SSO on your video hub:
- A company G Suite (Google Apps for Work) account
- A Vidyard Video Hub (if you do not have a Hub you can request one in the Feature Store.)
Set up Google SSO authentication for a Video Hub
- Open Hubs in the Vidyard menu and click Edit next to the Hub for which you want to set up SSO.
Note: If you haven't set up a Video Hub yet, learn how here.
- Click the Security tab for your Hub.
- Click the Manage Users drop-down list and select Single Sign-On (SAML 2.0). Keep this page open for now.
Note: The Use HTTPS for all requests toggle must also be enabled in order to use SSO.
If you are using a CNAME for your video hub domain, please contact Vidyard Support. Further steps are required to create a secure connection between your chosen domain and Vidyard's.
- In a separate browser tab, go to your Admin Console in Google and click Apps.
- Select SAML Apps.
- Click Enable SSO for a SAML application.
- Click Set up my own Custom App.
- Copy the following information from the Google IdP Information window and paste it into the corresponding Vidyard Hubs SSO fields:
- Copy from Google field: SSO URL, Paste into Vidyard field: SAML Endpoint URL
- Copy from Google field: Entity ID, Paste into Vidyard field: Audience URL
- In the Google IdP information window, under Option 1, click Download Certificate.
- A .pem file will be downloaded. Click on this file and open it with a text editor program. (Eg: TextEdit or NotePad)
- Copy all of the text in the downloaded certificate that you just opened, including "Begin Certificate" and "End Certificate".
- Switch back to your Vidyard Hubs SSO tab and paste all of the text from step 11 into the x.509 certificate box in Vidyard. Click Save Changes.
- On your Google page, add a name, description, and logo for the App, then click Next.
- In your Vidyard Video Hub security tab, copy the ACS URL, then switch back to your Google page and paste it into Google's ACS URL field.
- Next, go back to your Vidyard Video Hub security tab, copy the Audience URL, then switch back to your Google page and paste it into Google's Entity ID field.
- Leave Start URL blank and Signed Response unchecked, then click Next.
- Click Finish.
- Now that your app is configured, click the 3 dot-menu and select ON for everyone to enable the app for your whole organization.
The app will now provide secured access to the Vidyard Video Hub. If the Hub URL is shared externally, the viewer will be redirected to the Google Login page.