Below is a guide on how you can configure SSO for Synthesia, this is a self-serve option and will take you through the process.
Configure the Identity Provider
Start by following your identity provider’s instructions for creating a SAML 2.0 single sign-on application. For example, here are links to vendor-specific instructions:
You will be asked to provide a number of details. In general, the defaults should be used except in the following cases.
Single Sign On URL
Sometimes referred to as the Assertion Consumer Service URL or Reply URL, please provide the following value:
Sometimes referred to as the Entity ID, please provide the following value:
We require that you specify the
NameID field to be the email address of the user account being used to login, and it should match exactly the
We ask that you include the following claims:
NameIDfield described above.)
picture(optional and does not need to be used)
Once configured, your identity provider will make available a Metadata URL. This URL provides everything we need to verify and trust assertions from your identity provider.
In the event that we are unable to verify your assertions, we will ask you to send an example of one so that we can validate that the integration has been configured correctly.
Specify a Domain
We require that you specify at least one domain that you wish to be associated with SAML SSO.
For any domain that you specify, we require you to add a TXT record to its DNS configuration in order to verify that you are authorized to use it.
Suppose that you specify the
[example.com](<http://example.com>) domain. You must add a TXT record to the below subdomain with the value
Every domain registrar and dns provider will have a form somewhere with 3/4 fields:
ttl -- This is usually an optional field
In most cases, it will look something like this:
ttl: if there is a default use it, otherwise 60 min is fine.
Once your identity provider has been configured and you’ve updated the DNS settings of the domains you wish to be associated with, please provide Synthesia with the following details.
This will be made available by your identity provider once Synthesia has been configured as an application.
These are the domain(s) that you wish to be associated with SAML SSO (for example,
example.com). For these domains, all other methods of login will be disabled