Active Directory Federation Services (ADFS) can provide your users with single sign-on (SSO) access via Security Assertion Markup Language 2.0 Standard (SAML) to the Screencast-O-Matic Screen Recorder and Video Editor under your team plan. Also, when Team Premier users first authenticate via SAML, we setup their dedicated hosting account as part of the Team Plan.
Here are the SAML attributes the integration will need from the ADFS server:
Once you have your ADFS server setup, your Team Plan admin may choose to optionally require login via SAML from the Screencast-O-Matic Admin Account Authentication Settings.
Once enabled, you will find the additional settings one will need to setup communication between Screencast-O-Matic and the ADFS identity provider.
4. Download the metadata XML from the settings area.
5. Save this XML for a later step. Next, we will get ADFS setup before coming back to this settings window to upload the IDP identify file.
Our assumption here is you have an ADFS instance setup for single sign-on. Refer to this article if you are using Azure.
6. To update your ADFS metadata complete these steps. You will likely require admin privileges for your ADFS instance to perform these steps.
7. With ADFS setup, we need to find the IDP file / Federation Metadata XML and upload this to the Screencast-O-Matic Admin Account Authentication Settings.
Typically, this file is found here:
Download this file, and head back to the Screencast-O-Matic Admin Account Authentication Settings.
8. Under SAML User Access, click the Choose File button under Upload IDP Metadata File section.
9. Once uploaded, the file will be validated and you should see a message "Metadata matches". You can click Test Login and you should see the normal login prompt for your organization.
10. Click the Save button to commit the IDP Metadata and you are done.
First and Last name is required as SAML requires setting up a user in our system.
If the name is not auto-populating, try mapping the LDAP attributes like this.
Surname -> urn:oid:184.108.40.206Given-Name -> urn:oid:220.127.116.11