Rewatch Help Center
Home Member management Google SAML SSO configuration

Google SAML SSO configuration

Rewatch provides Single Sign-On (SSO) functionality for customers to access it through Google. This allows IT administrators to better manage team access and keeps information more secure. Customers can opt to use the simple Sign in with Google button (which requires no configuration in Rewatch), or a SAML integration

SAML (Security Assertion Markup Language), an SSO standard, permits Google to safely pass authorization credentials to service providers like Rewatch. It enables centralized management with deeper administrative control than the simple Sign in with Google integration.

Google setup

These are instructions for setting up Rewatch SAML SSO with Google.

Setup the Rewatch app in Google

SAML apps

New application

Service provider details

Field mappings

Rewatch setup

On the Rewatch channel admin page, click on the Security` link in the sidebar.

SAML channel settings

Paste the SSO URL from Google into the IdP SSO target URL field and paste the Certificate into the IdP Certificate field. Then, set the email domains that will redirect to your SAML provider on login. Finally, check Enable Saml login for this channel. Click Save.

You can then test the SAML integration by clicking the Test SAML button. If you login via SAML with the same email as your current admin user account, you will maintain the same admin privileges. Once logged in via SAML, you can enable Enforce SAML-only logins for this channel.

SCIM

While SAML will automatically update user information whenever they log in, you can additionally setup SCIM to automate deprovisioning and group membership updates immediately after you make these administrative changes. We currently do not support SCIM integration with Google, as they are no longer accepting new applications for their SAML/SCIM marketplace. Google does also not provide a method to configure a generic SCIM app.



Lasted edited on Jan 27th, 2021