Setting Up SSO
What does Vimeo support?
Setting up SSO creates a simple and secure login for your viewers. We support SSO with a variety of providers. Our out-of-the-box configuration supports SP-initiated SAML SSO with JIT provisioning.
What will we need?
In order to set up SSO, you'll need to provide the following to Vimeo:
- The domain
- A corresponding certificate depending on your Identity Provider
- A signing URL
From Vimeo, you'll need these items (replacing USER_ID with your Vimeo User ID).
- ACS URL: https://vimeo.auth0.com/login/callback?connection=USER_ID
- Entity ID: urn:auth0:vimeo:USER_ID
You can find your User ID when logged in to your Vimeo Enterprise account and heading to this page.
How do I configure this with my Identity Provider?
We support SSO with the following Identity Providers. Click which one you use to head to customized instructions per platform.
Guides tailored for Vimeo Enterprise:
- GSuite as SAML
- Okta as SAML
- Microsoft Azure as SAML (Note: only the paid versions of Azure are supported. The free Azure tier is not supported by the Vimeo SSO Solution.)
- Duo as SAML
- ADFS as SAML
Less common IdPs we support:
- Ping Federate
Please discuss with your Technical Program Manager if you are using a service not listed above.
Generic SAML 2.0 configuration
If we don't have tailored instructions for your IdP above, you'll want use their documentation to configure Vimeo as a generic SAML 2.0 application.
Every IdP needs the Value column configured according to their syntax. What's important to know here is that we require you to send us email, firstName and lastName.
|Unspecified||Varies by IdP|
|firstName||Unspecified||Varies by IdP|
|lastName||Unspecified||Varies by IdP|
Organizational Units (OUs)
Your IdP likely has your company organized into departments, which most IdPs call Organization Units. You'll want to make sure all users who should have access to Vimeo via SSO are "assigned" to the correct OU and that OU is assigned access to the Vimeo SAML 2.0 application.
SSO Groups & SCIM Provisioning
If you'd like to send over groups and provide those groups access to specific folders of content, you have two ways to send those to Vimeo.
- SCIM - Can be used to push groups as well as automatic provisioning and deprovisioning of users from your Vimeo team.
- SSO Group using a SAML attribute - Each time a user goes to log in, the group attribute will associate them with a group. If you use this method, it will not provide automatic user provisioning from your IdP.