Customers can opt to use the simple
Sign in with Google button (which requires no configuration in Rewatch), or a SAML integration.
SAML (Security Assertion Markup Language), an SSO standard, permits Google to safely pass authorization credentials to service providers like Rewatch. It enables centralized management with deeper administrative control than the simple
Sign in with Google integration.
These are instructions for setting up Rewatch SAML SSO with Google.
Setup the Rewatch app in Google
In the Google admin portal, select
Web and Mobile Apps from the left-side nav:
Next, select the
Add App dropdown, and click
Add custom SAML app:
Rewatch as the name of the application and click
Copy the SSO URL and Certificate. Save these for later, you will need these to configure Rewatch. Note that you must use the copy buttons (two interlocking rectangles). If you select the text to copy manually, the data will truncated or contain extra characters (this applies to both the SSO URL and Certificate). Afterwards, click Continue.
Fill in the following information and click Continue:
Check Signed response Name ID format:
Basic Information > Primary email
Add the following field mappings and click Finish:
Please note that Google may show an error page after clicking Finish. If you wait 5-10 minutes and return to the web and mobile apps list, the app should be setup correctly. If the problem persists, please contact Google.
In Rewatch's admin console, click on the
Single sign-on & provisioning link in the sidebar. Then click the button to
Next, fill out the configuration form to enable SAML:
Target URL: use Google's
Certificate: use Google's provided
Managed email domains: enter email domains that will redirect to Okta for sign in
Once enabled, you'll see a preview link that you can use for testing.
If you'd like to enforce SAML for sign in, you'll need to first sign in using SAML, then edit your SAML configuration to select your preferred enforcement policy.
We currently do not have a SCIM integration with Google, as they are no longer accepting new applications for their SAML/SCIM marketplace. Google also hasn't provided a method to configure generic SCIM apps.