Google Apps SAML Integration with Screencast-O-Matic
Google Apps serving as the Identity Provider (IDP) can provide your users with single sign-on (SSO) access via Security Assertion Markup Language 2.0 Standard (SAML) to the Screencast-O-Matic Screen Recorder and Video Editor under your team plan. Also, when Team Premier users first authenticate via SAML, we setup their dedicated hosting account as part of the Team Plan.
This article describes how to configure SAML SSO with Google Apps serving as the IDP.
- Your organization must be using Google Apps
- You will need administrative permissions for Google Apps
- Your must be using a Screencast-O-Matic Team Plan
- You will need administrative permissions for your Team Plan
Configuring SAML SSO with Screencast-O-Matic1. Login into Google Apps as an Admin.
2. In your Google Apps Administration Console, select the "Apps" option.
3. In the Apps window select SAML App.
4. Choose the "+" option to add a new application.
5. Select "Setup my Own Custom App".
6. Download the IDP Metadata file and save to your computer. Click next.
7. Fill out an application name. Click Next.
8. Keep the following tab/window open as we will return to configure later.
9. Login as Team Admin and click your user icon, then Settings.
10. On left sidebar, click Authentication.
11. Under "SAML User Access" move the slider to On which forces your users to login via SAML
Once enabled, you will find the additional settings one will need to setup communication between Screencast-O-Matic and the ADFS identity provider.
12. Download the metadata XML from the settings area.
13. Select "Choose File" and upload the Google Apps IDP Metadata file you previously saved.
14. Copy the ACS URL and Entity ID for use in Google Apps.
15.Return to the Google Apps tab or window and paste the ACS URL and Entity ID into their respective fields.
Make sure to leave the defaults for Name ID set to "Basic Information" and "Primary Email"
16 Add Attributes to map First and Last name for users
urn:oid:18.104.22.168 -> First Name (Basic Information)
urn:oid:22.214.171.124 -> Last Name (Basic Information)
17. You should see the following screen with your installed app.
18. Return to the Screencast-O-Matic Authentication Settings and click Save.
You are all set! Now when your users land on the team access page they will be prompted to login via Google SSO.