Using SSO with Vimeo Enterprise, you can provision users in several ways depending on your use case and needs. Read more about which SSO configuration we recommend for your use case
In this article
JIT Provisioning
Just-In-Time (JIT) Provisioning allows users to be added to your account as soon as they successfully authenticate with your IdP for the first time.
- For example, if you claim your company’s email domain for a SAML connection, all users with that domain in their email will be redirected to that IDP login gate, where they will authenticate and be provisioned to Vimeo after their first successful login.
- Additionally, if you set up Vimeo as a gallery app within a page in your IdP listing all the apps your users have access to, all users who access Vimeo using IdP-initiated SSO will be provisioned to Vimeo after their first login.
- Finally, JIT provisioning can also be enabled to automatically provision users to your account after they authenticate using your test URL, linked within the SAML connection modal.
To set up JIT provisioning, ensure you’ve enabled the JIT provisioning flag. You can also request your company’s email domain be verified for your SAML connection. As soon as the domain is verified, users with that domain will be redirected to log in with SSO using the corresponding SAML connection.
Team-based
Team-based SSO allows only users who are already on your account to log in with SSO. This option is ideal for accounts of small teams of users if many other people in your company want to continue logging into their separate Vimeo accounts without SSO. Team-based SSO does not provide a way to automatically provision users from your company. If you use Team-based SSO, users would have to be manually invited to your account in order to access it.
SCIM
SCIM (System for Cross-domain Identity Management) is an open standard that allows you to automatically provision users to Vimeo without requiring them to log in or be invited to Vimeo. SCIM also ensures your user memberships stay up to date and allows you to send push groups.
SCIM relies on an API connection that connects your IDP to Vimeo and talks to each other in the background. When enabling SCIM, all your current users will be provisioned at once after they are pushed to Vimeo. Then, when a new employee joins the company, they will automatically be created in your account on Vimeo. When an employee leaves the company, they will be removed from your Vimeo account without you having to manually remove them.
Only account owners can set up SCIM. To learn how to set up SCIM, click here.