Single Sign-On (SSO) allows users to log into the Online Video Platform (OVP) using login credentials from third party platforms such as Microsoft (Azure) or Google.
This article will show you how to set up Blue Billywig Single Sign On (SSO) with an Azure Active Directory (AD) identity provider. With these simple steps, you can easily connect Blue Billywig to your Azure AD environment.
1.0 | Azure AD setup
First, setup Azure AD by starting to configure Blue Billywig as a relying party:
- Open Azure portal: https://portal.azure.com/
- Open Azure Active Directory:
- Click Enterprise Applications
- On the Enterprise applications page, click + New Application
- On the New application page, click + Create your own application:
- In the Create your own application sidebar, enter the Name of your app: Blue Billywig SSO and select the option Integrate any other application you don’t find in the gallery (Non-gallery).
- Click Create
- On the enterprise application overview page, click Set up single sign on
- On the Single sign-on page, click on SAML
- On the SAML-based Sign-on page, click on Edit in the Basic SAML Configuration section:
- On the Basic SAML Configuration foldout, click on Add identifier in the Indentifier (Entity ID) section, and add the identifier: urn:amazon:cognito:sp:eu-west-1_2Gn0U5Y6I
- Click on the Add reply URL in the Reply URL (Assertion Consumer Service URL) section, and add the following reply URL: https://auth.bluebillywig.com/saml2/idpresponse
- Click Save on the upper left.
- Close the Basic SAML Configuration foldout.
- On the SAML-based Sign-on page, copy the App Federation Metadata Url from the SAML Certificates section. This will be needed to set up the connection in Blue Billywig.
- In the left menu click on Users and groups.
- Click on Add user/group in the top menu.
- In the free Azure AD plan, only users can be directly assigned to the Enterprise application. If you are on the free plan, you need to assign all users that need to use Blue Billywig SSO here.
- In the premium or enterprise plans, you can assign users through group membership. Then you need to assign the group that may use Blue Billywig SSO here. This is the preferred solution.
2.0 | Configure SSO in the OVP
Finally, reach out to the Blue Billywig support team at firstname.lastname@example.org and provide the App Federation Metadata endpoint to enable SSO on your OVP account.
The App Federation Metadata endpoint on Azure AD should typically look similar to:
When the SSO connection is set up on the Blue Billywig side, you will be able to log in using SSO using the sign-in button on the start page.