Skip to main content

How to set up SAML SSO with Entra ID (formerly Azure AD)

This feature requires an Enterprise plan.

This article discusses the configuration process for SAML single sign-on (SSO) with Vimeo Enterprise using Entra ID.

For an overview of how SSO works with Vimeo Enterprise and the first steps of this process, please head to our Setting Up SSO guide.

⚠️Note: Only the paid versions of Entra ID are supported; the Vimeo SSO solution does not support the free Entra ID tier. To configure SAML single sign-on for a non-gallery application without writing code, you need to have a subscription or Entra ID Premium.

For Enterprise Accounts with Workspaces: This feature is managed at the Organization level by Organization Owners and Admins. For more information, visit How to edit my Organization's settings.

In this article:

How to add a non-gallery application

Vimeo Enterprise will be added as a "non-gallery" application to your Entra ID portal. This means it isn't a listed third-party integration available to all Entra ID administrators.

  1. Sign in to the Microsoft Entra admin center using your Microsoft Identity platform administrator account.
  2. Follow the steps on how to create your own application
  3. Enter the display name for your new application as Vimeo Enterprise.
  4. Select the third option Integrate any other application you don't find in the gallery (Non-gallery)
  5. Select Create. The application Overview page will open.

How to configure user sign-in properties

  1. Follow these steps to navigate to the application properties page.
  2. Configure how users who are assigned or unassigned to the application can sign into the application, and if a user can see the application in the access panel.
    • Enabled for users to sign-in determines whether users assigned to the application can sign in.
    • User assignment required determines whether users who aren't assigned to the application can sign in.
    • Visible to user determines whether users assigned to an app can see it in the access panel and O365 launcher.
  3. Optionally, you can add a custom logo.
  4. When you're finished, select Save.

How to edit the basic SAML configuration

  1. Follow these steps to navigate to the Set up Single Sign-On with SAML - Preview page. 
    Screenshot showing the required basic SAML configuration for single sign-on for an enterprise application.
  2. To edit the basic SAML configuration options, select Edit (the pencil icon) in the upper-right corner of the Basic SAML Configuration section.

  3. Enter the following settings:

    Field Value
    Identifier (Entity Id) Paste the Entity ID from Vimeo
    Reply URL Paste the ACS URL from Vimeo
    Sign-on URL Optional. Please leave this blank.
    Relay State Optional. Please leave this blank.
    Logout URL Optional. Please leave this blank.

How to configure my user attributes and claims

When a user authenticates via Entra ID SSO, your Entra ID account sends some basic information about the user to Vimeo. You will need to configure these values.

  1. In the Set up Single Sign-on with SAML page, scroll to the User Attributes & Claims section and select Edit (the pencil icon) in the upper-right corner.
    Section 2 of set up SSO with SAML page with the pencil icon highlighted

  2. Configure these attributes as the following:

    Name Value
    firstName user.givenname
    lastName user.surname
    email user.email
  3. Remove the namespace schema URL from the mapping attributes; ensure that the Claim name column matches the Name column above. 
    Claims and attributes page with the schema URL under the Claim name column highlighted

To configure group claims, select Add group claim in the User Attributes & Claims section. For details, see Configure group claims.

More on assigning users and groups

How to obtain the SAML signing certificate

  1. On the Set up Single Sign-on with SAML page, scroll to the SAML Certificate section.
    SAML certificates section with arrow pointing to download link for the certificate
  2. Configure the following settings for the certificate by selecting Edit (the pencil icon):
    • Expiration: Set for the maximum duration, three years from today's date
    • Signing Algorithm: SHA-256
    • Notification Email: The email address of someone in your organization responsible for administering your Entra ID account
  3. Download the Base64 version of the certificate. This should be a .pem or .crt file.
  4. Upload your certificate to the IdP certificate section on Vimeo.

Where can I retrieve my Entra ID SSO URL?

In the Set up Vimeo Enterprise section, you can find the the SSO Login URL which Vimeo requires to link to your Identity Provider. We do not need the Microsoft Entra Identifier or the Logout URL.

Set up section with login URL option highlighted

Paste the URL into the Sign-In URL field on Vimeo.

Save your SAML connection, test login, and complete your SSO setup. Make sure you’ve also assigned your users in Entra ID to the Vimeo app so they can log in through your IdP.

Suggested next steps

  • After you’ve set up SAML SSO with Entra ID, you can set up SCIM.
Was this article helpful?
4 out of 5 found this helpful
Return to top

Related articles

=