Rewatch

We use SAML (Security Assertion Markup Language), a standard that permits Azure AD to safely pass authorization credentials to service providers like Rewatch.

These are instructions for setting up Rewatch SAML SSO with Azure AD.

In the Azure AD portal, select <code>Enterprise applications</code> from the left-side nav.

Next, select <code>All Applications</code> in the left side nav, and click the <code>New application</code> button above the application list.

- In the Azure AD portal, select <code>Enterprise applications</code> from the left-side nav.
- Next, select <code>All Applications</code> in the left side nav, and click the <code>New application</code> button above the application list.

Type <code>Rewatch</code> In the search box

Select the Rewatch application from the results.

- Type <code>Rewatch</code> In the search box
- Select the Rewatch application from the results.
- Click the <code>Create</code> button.

When the application finishes creating, click <code>Single sign-on</code> in the left-side nav. Under <code>Select a single sign-on method</code>, select SAML.

- When the application finishes creating, click <code>Single sign-on</code> in the left-side nav. Under <code>Select a single sign-on method</code>, select SAML.

If prompted to to <code>Save single sign-on setting</code>, click <code>Yes</code>

- If prompted to to <code>Save single sign-on setting</code>, click <code>Yes</code>

If prompted to test single sign-on, click <code>No, I'll test later</code>

- If prompted to test single sign-on, click <code>No, I'll test later</code>

Click <code>Download</code> next to <code>Certificate (Base64)</code> in the <code>SAML Signing Certificate</code> box. You will need this to setup the SAML configuration in Rewatch.

Copy the <code>Login URL</code> under the <code>Set up Rewatch</code> box. You will need this to setup the SAML configuration in Rewatch.

- Click <code>Download</code> next to <code>Certificate (Base64)</code> in the <code>SAML Signing Certificate</code> box. You will need this to setup the SAML configuration in Rewatch.
- Copy the <code>Login URL</code> under the <code>Set up Rewatch</code> box. You will need this to setup the SAML configuration in Rewatch.

In Rewatch's admin console, click on the Single sign-on &amp; provisioning link in the sidebar. Then click the button to configure SAML.

Next, fill out the configuration form to enable SAML:

Target URL: use Azure AD's <code>Login URL</code>

Certificate: use the contents of the Azure AD certificate you downloaded

Managed email domains: enter email domains that will redirect to Okta for sign in

- Target URL: use Azure AD's <code>Login URL</code> 
- Certificate: use the contents of the Azure AD certificate you downloaded
- Managed email domains: enter email domains that will redirect to Okta for sign in

Once enabled, you'll see a preview link that you can use for testing. 

If you'd like to enforce SAML for sign in, you'll need to first sign in using SAML, then edit your SAML configuration to select your preferred enforcement policy. 

While SAML will automatically update user information whenever they log in, you can additionally setup SCIM to automate deprovisioning and group membership updates immediately after you make these administrative changes. We currently do not support SCIM integration with Azure AD

Better manage team access with Single Sign-On (SSO) and SCIM Provisioning functionality through Azure AD.

Azure AD setup

Setup the Rewatch app in Azure AD

Rewatch setup

SCIM