All Collections
Azure AD SAML SSO configuration
Azure AD SAML SSO configuration

Better manage team access with Single Sign-On (SSO) and SCIM Provisioning functionality through Azure AD.

Natalie Pabón avatar
Written by Natalie Pabón
Updated over a week ago

We use SAML (Security Assertion Markup Language), a standard that permits Azure AD to safely pass authorization credentials to service providers like Rewatch.

Azure AD setup

These are instructions for setting up Rewatch SAML SSO with Azure AD.

Setup the Rewatch app in Azure AD

  • In the Azure AD portal, select Enterprise applications from the left-side nav.

  • Next, select All Applications in the left side nav, and click the New application button above the application list.

New application

  • Type Rewatch In the search box

  • Select the Rewatch application from the results.

  • Click the Create button.

  • When the application finishes creating, click Single sign-on in the left-side nav. Under Select a single sign-on method, select SAML.

Select SAML

  • If prompted to to Save single sign-on setting, click Yes

  • If prompted to test single sign-on, click No, I'll test later

  • Click Download next to Certificate (Base64) in the SAML Signing Certificate box. You will need this to setup the SAML configuration in Rewatch.

  • Copy the Login URL under the Set up Rewatch box. You will need this to setup the SAML configuration in Rewatch.

Rewatch setup

In Rewatch's admin console, click on the Single sign-on & provisioning link in the sidebar. Then click the button to configure SAML.

Next, fill out the configuration form to enable SAML:

  • Target URL: use Azure AD's Login URL

  • Certificate: use the contents of the Azure AD certificate you downloaded

  • Managed email domains: enter email domains that will redirect to Okta for sign in

Once enabled, you'll see a preview link that you can use for testing.


If you'd like to enforce SAML for sign in, you'll need to first sign in using SAML, then edit your SAML configuration to select your preferred enforcement policy.


While SAML will automatically update user information whenever they log in, you can additionally setup SCIM to automate deprovisioning and group membership updates immediately after you make these administrative changes. We currently do not support SCIM integration with Azure AD

Did this answer your question?