This doc will help you quickly walk through the steps to create an Azure Active Directory app and set up the SAML SSO configuration through the app to sign in inside Hippo Video.
To activate SSO you need Hippo Video Enterprise plan
Admin users of Hippo Video and Azure Active Directory will have access to set up SSO
Before starting with the configuration, ensure that your SSO Configuration page is kept open inside Hippo Video.
Click on Settings from the left nav bar and then click on the SSO Configuration card.
To configure SSO with Azure AD
Open the Azure AD portal in a new tab and log in with your existing credentials.
Click on Enterprise Applications below Azure Services.
Click New Application from the top and then Create your own application from the top left.
Enter the name of your app on the right-side of the screen and click Create.
You’ll be directed to the Overview screen of your application.
Click on Single sign-on from the left navbar below the Manage tab.
You’ll be navigated to the Set up Single Sign-On with SAML screen.
Note: The Login and Azure AD Identifier URLs are mandatory to configure the application with Hippo Video.
Below Set up (application name), click on Copy to Clipboard near Login URL.
Then, navigate to Hippo Video - SSO Configuration page and paste it inside the Target URL.
Again, navigate to the Azure AD portal and copy the Azure AD Identifier URL.
Then, navigate to Hippo Video - SSO Configuration page and paste it inside the Issuer URL.
Below the SAML Signing Certificate, click on Download near Certificate (Base64) to get the certificate.
Open the downloaded file with Notepad and copy the text that begins right after BEGIN CERTIFICATE … and right before END CERTIFICATE.
Again, navigate to Hippo Video - SSO Configuration page and paste it inside the X509 Certificate.
Enter Your IDP domain (Azure AD Portal domain ID) in the Hippo Video - SSO Configuration page upon which the ACS URL at the bottom of the page will be updated accordingly.
Note: The ACS URL is mandatory to configure with Azure AD.
To set Basic SAML Configuration
Navigate to the Azure AD portal.
Note: Identifier (Entity ID), and Reply URL (Assertion Consumer Service URL) are mandatory to set from Hippo Video. The Identifier (Entity ID) and Azure AD Identifier both are the same.
Copy the Azure AD Identifier below the Set up (application name) and then click on Edit near Identifier (Entity ID).
Paste it inside the Identifier (Entity ID).
Navigate to Hippo Video - SSO Configuration page and copy the ACS URL.
Again, navigate to the Azure AD portal and paste it inside the Reply URL.
Enter the Sign on URL i.e. ACS URL. Here, edit the URL by removing the text ‘/callback’ to ensure the valid URL.
Note: This is the URL from which the authentication request originates.
To set User Attributes & Claims
Ensure that the Unique User Identifier is set as ‘user.mail’. Click Edit.
Note: This unique ID helps in identifying the user inside Hippo Video.
Double-click on the ‘user.mail’.
Ensure that the Name Identifier Format is selected as Email Address and then click Save.
To set/add users inside Azure AD
Click on Users and Groups from the left navbar, to set or add users who have an access to login Hippo Video using SSO.
Now, you have successfully done the configuration process inside Azure AD.
To complete the configuration process inside Hippo Video
Navigate to Hippo Video - SSO Configuration page and check for the details filled.
Then click Save to complete the configuration process.