Setting Up SSO: Duo as SAML
Your users can access a Vimeo Enterprise showcase using your Duo Single Sign-on gateway. Duo calls this setup a Generic SAML Service Provider.
Our below instructions are customized to the settings of the Vimeo Enterprise product. You can read Duo's original documentation here.
- Log in to the Duo Admin panel and click Applications on the left navigation, and then click Protect an Application.
- Locate SAML Service Provider in the list of applications, and then click the Protect this Application link.
- Enter the following information about your cloud app vendor in the Service Provider section:
NAME | DESCRIPTION |
Service Provider Name | Vimeo Enterprise |
Entity ID | * urn:auth0:vimeo:USER_ID |
Assertion Consumer Service | * https://vimeo.auth0.com/login/callback?connection=USER_ID |
Single Logout URL | Leave blank |
Service Provider Login URL | Leave blank |
Default Relay State | Leave blank |
* Head here for instructions on retrieving your Vimeo User ID. This number will take the place of USER_ID in the Entity ID and Assertion Consumer Service above.
- Complete the SAML Response section:
NAME | DESCRIPTION |
NameID Format | urn:auth0:vimeo:USER_ID (Same as above w/ Vimeo User ID) |
NameID Attribute | emailAddress |
Send Attributes | All |
Signature Algorithm | SHA-256 |
Sign response | Checked |
Sign assertion | Checked |
Map Attributes | mail → emailAddress Username → emailAddress givenName → firstName sn → lastName |
Create Attributes | Leave blank |
- Click Save Configuration and download the configuration file.
Add Your Cloud Application to Duo Access Gateway
- From the Duo Access Gateway server's console, click the Configure icon in the "Duo Access Gateway" application group to log on to https://yourserver.example.com/dag. Log in with the administrator password and click Applications.
- Click the Choose File button in the "Add Application" section of the page and locate the SAML application JSON file you downloaded from the Duo Admin Panel earlier in Step 5. Click the Upload button after selecting the JSON configuration file.
- The new SAML application, Vimeo Enterprise, is added.
Gather credentials for Vimeo
- Now, it's time to grab some information Vimeo needs in order to complete the integration. You can find this information in the Metadata section at the bottom of the Duo Access Gateway admin console's Applications page.
- Click Download Certificate. This will be a .crt or .pem file. Please submit it to Vimeo using the form below.
- Then, copy the SSO URL. You'll also need to submit that to Vimeo using the form below.
- We do not need the Logout URL, Entity ID, or Error URL.
Submit your details
Based on the instructions above, you can use this form to submit the required details.
If you need to update any of this information during your onboarding process after initially submitted, please re-submit the form and notify your Account Manager and Technical Program Manager.