This doc will help you quickly walk through the steps to create an Azure Active Directory app and set up the SAML SSO configuration through the app to sign in inside Hippo Video.
To activate SSO you need Hippo Video Enterprise plan
Admin users of Hippo Video and Azure Active Directory will have access to set up SSO
Note: Before starting with the configuration, ensure that your SSO Configuration page is kept open inside Hippo Video.
To open the SSO configuration page inside Hippo Video:
Login to Hippo Video using existing credentials.
Click on the Settings icon from the left navigation bar and then click on SSO Configuration card.
Or click on the More icon from the left navigation bar > Settings > SSO Configuration card.
Enter Your IDP domain upon which the ACS URL data gets updated automatically.
To configure SSO with Azure AD:
Open the Azure AD portal in a new tab and log in with your existing credentials.
Click on Enterprise Applications below Azure Services.
Click New Application from the top.
Then, click on Create your own application from the top.
Enter the name of your app on the right side of the screen and click Create.
You’ll be directed to the Overview screen of your application.
Click on Single sign-on from the left navbar below the Manage tab.
Select SAML card.
Note: The Login and Azure AD Identifier URLs are mandatory to configure the application with Hippo Video.
You’ll be redirected to the SAML-based Sign-on screen. Here, in Step 4: Copy the Azure AD Identifier url.
And, move to Step 1 and click the Edit button.
Paste the copied URL inside Identifier (Entity ID).
And also inside the Issuer URL field of Hippo Video - SSO Configuration page.
Go to Hippo Video - SSO Configuration page and copy the ACS URL.
Then, navigate to Azure AD portal and paste it inside the Reply URL and Sign on URL.
Note: Edit the Sign on URL by removing the text ‘/callback’ to ensure the valid URL.
Once you’re done, click Save at the top left (as shown below).
Below the Step 4: Copy the Login URL.
Paste it inside the Target URL of the Hippo Video - SSO Configuration page.
Below Step 3: SAML Signing Certificate, click on Download near Certificate (Base64) to get the certificate.
Open the downloaded file with Notepad and copy the text that begins right after BEGIN CERTIFICATE … and right before END CERTIFICATE.
Again, navigate to Hippo Video - SSO Configuration page and paste it inside the X509 Certificate.
To set User Attributes & Claims:
Below Step 2: Click the Edit button.
Click the Unique User Identifier and ensure it is set as ‘user.mail’.
Note: This unique ID helps in identifying the user inside Hippo Video.
Ensure that the Name Identifier Format is selected as Email Address.
Click Save at the top left.
Now, you have successfully done the configuration process inside Azure AD.
To set/add users inside Azure AD:
Click on Users and Groups from the left navbar to set or add users who have access to login to Hippo Video using SSO.
To complete the configuration process inside Hippo Video:
Navigate to Hippo Video - SSO Configuration page and check for the details filled.
Then, click Save to complete the configuration process.