Customers can opt to use the simple Sign in with Google button (which requires no configuration in Rewatch), or a SAML integration.
SAML (Security Assertion Markup Language), an SSO standard, permits Google to safely pass authorization credentials to service providers like Rewatch. It enables centralized management with deeper administrative control than the simple Sign in with Google integration.
Google setup
These are instructions for setting up Rewatch SAML SSO with Google.
Set up the Rewatch app in Google
In the Google admin portal, select Apps -> Web and Mobile Apps from the left-side nav.
Next, select the Add App dropdown, and click Add custom SAML app.
Type Rewatch as the name of the application and click Continue.
Copy the SSO URL and Certificate, and save them for later; you will need them to configure Rewatch. Note that you must use the copy buttons (two interlocking rectangles). If you select the text to copy manually, the data will be truncated or contain extra characters (this applies to both the SSO URL and Certificate). Afterwards, click Continue.
Fill in the following information and click Continue:
ACS URL: https://rewatch.tv/auth/saml/callback
Entity ID: rewatch.tv
Check Signed response
Name ID format: EMAIL
Name ID: Basic Information > Primary email
Add the following field mappings and click Finish:
First name: first_name
Last name: last_name
Primary email: email
Please note that Google may show an error page after clicking Finish. If you wait 5-10 minutes and return to the web and mobile apps list, the app should be set up correctly. If the problem persists, please contact Google.
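The copy-button note above warns that a manually selected SSO URL or Certificate can arrive truncated or with extra characters. The following check is an added example, not part of Rewatch's or Google's tooling: it verifies that a saved PEM certificate is structurally complete and that the SSO URL is a clean https URL before either is pasted into Rewatch. The function names, the sample URL and the sample PEM (filler bytes, not a real certificate) are assumptions constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import urlsplit

PEM_RE = re.compile(
    r"\A-----BEGIN CERTIFICATE-----\n(.+?)\n-----END CERTIFICATE-----\n?\Z", re.S)

def check_certificate(pem):
    """Return a list of problems found in a pasted PEM certificate (empty = OK)."""
    m = PEM_RE.match(pem.replace("\r\n", "\n"))
    if not m:
        return ["BEGIN/END CERTIFICATE lines missing, damaged, or surrounded by extra text"]
    try:
        der = base64.b64decode("".join(m.group(1).split()), validate=True)
    except binascii.Error:
        return ["body is not valid base64 (stray or missing characters)"]
    # An X.509 certificate is a single DER SEQUENCE: tag 0x30 followed by its length.
    if len(der) < 4 or der[0] != 0x30:
        return ["decoded data does not start with a DER SEQUENCE"]
    if der[1] < 0x80:                       # short form: length in one byte
        header, body_len = 2, der[1]
    else:                                   # long form: next n bytes hold the length
        n = der[1] & 0x7F
        header, body_len = 2 + n, int.from_bytes(der[2:2 + n], "big")
    if header + body_len != len(der):
        return [f"DER header declares {header + body_len} bytes, got {len(der)}: truncated or padded"]
    return []

def check_sso_url(url):
    """Return a list of problems found in a pasted SSO URL (empty = OK)."""
    problems = []
    if re.search(r"\s", url):
        problems.append("URL contains whitespace")
    parts = urlsplit(url.strip())
    if parts.scheme != "https":
        problems.append("URL scheme is not https")
    if not parts.hostname:
        problems.append("URL has no host")
    return problems

def constructed_pem(body_len=300):
    """Constructed sample: a DER SEQUENCE header over filler bytes, not a real certificate."""
    der = b"\x30\x82" + body_len.to_bytes(2, "big") + (bytes(range(256)) * 2)[:body_len]
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN CERTIFICATE-----\n" + "\n".join(lines) + "\n-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    print(check_certificate(constructed_pem()))
    print(check_sso_url("https://idp.example.test/sso?idpid=CONSTRUCTED"))
```

This is a structural check only: it catches copy damage but does not validate the certificate's signature, issuer or expiry.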
Rewatch setup
In Rewatch's admin console, click on the Single sign-on & provisioning link in the sidebar. Then click the button to configure SAML.
Next, fill out the configuration form to enable SAML:
Target URL: use Google's SSO URL
Certificate: use Google's provided certificate
Managed email domains: enter email domains that will redirect to Okta for sign in
Once enabled, you'll see a preview link that you can use for testing.
Enforcement
If you'd like to enforce SAML for sign in, you'll need to first sign in using SAML, then edit your SAML configuration to select your preferred enforcement policy.
SCIM
We currently do not have a SCIM integration with Google, as they are no longer accepting new applications for their SAML/SCIM marketplace. Google also hasn't provided a method to configure generic SCIM apps.