Screencast-O-Matic supports Single Sign On (SSO) via the Security Assertion Markup Language 2.0 Standard. SAML Authentication in Screencast-O-Matic allows users to login to Screencast-O-Matic using credentials from an organizations SAML based Identity Provider (IDP).
This article describes how to configure SAML SSO with Google Apps serving as the IDP. If you have another configuration such as ADFS, OKTA, etc. the settings are standard but please contact firstname.lastname@example.org for help getting setup.
- Your organization must be using Google Apps
- You will need administrative permissions for Google Apps
- Your must be using a Screencast-O-Matic Group Pro Recorder Plan (Site License)
- You will need administrative permissions for your Group Plan
Configuring SAML SSO with Screencast-O-Matic
- Login into Google Apps as an Admin.
- In your Google Apps Administration Console, select the "Apps" option.
- In the Apps window select SAML App.
- Choose the "+" option to add a new application.
- Select "Setup my Own Custom App".
- Download the IDP Metadata file and save to your computer. Click next.
- Fill out an application name. Click Next.
- Keep the following tab/window open as we will return to configure later.
- Login to Screencast-O-Matic.com in a separate browser tab or window and go to the Pro Recorder Tab on your Account Page.
- Select Setup under Site License Access Page.
- Scroll down and check "Require User Domain" under SAML User Restriction.
- Select "Choose File" and upload the Google Apps IDP Metadata file you previously saved.
- Copy the ACS URL.
- Return to the Google Apps tab or window and paste the ACS URL.
- Copy the Entity ID.
- Return to the Google Apps tab or window and paste the Entity ID then click "Next".
- Click Finish.
- You should see the following screen with your installed app.
- Return to the Screencast-O-Matc tab or window and click OK from the Setup Access Page dialogue.
- You are all set! Now when your users land on the Pro Recorder Site License access page they will be prompted to login via Google SSO.