How to self-configure SSO with Auth0

Simplify the sign-on process for your Enterprise team. ⚙️

Loom uses single sign-on (SSO) for Enterprise users to simplify the sign-in process and allow access to Loom using several authentication sources, including Auth0. Your Workspace must be subscribed to the Enterprise plan if you wish to set up SSO.

If you're the Admin of your company's Loom account, you can configure SSO using the following steps:

  1. Go to your Workspace settings by clicking on Settings in the left navigation bar of your Library. Open the security tab and toggle on Single Sign On (SSO).

    Screen_Shot_2020-10-06_at_4.12.44_PM.png

  2. Select Auth0 as your IdP for configuration. Keep this tab open, as you'll be returning to your Loom Workspace later.

  3. Go to manage.auth0.com and click on Create Application. Give your new application a name, like Loom.

  4. Choose Regular Work Applications as your application type. Go to Settings and paste the URL of Loom's logo in Application Logo (under Application Properties). Save your changes.

    Screen_Shot_2020-10-26_at_4.09.36_PM.png

  5. Under Addons, toggle on SAML2 Web App. Copy the Application Callback URL and paste it in the Application Callback URL field. Copy your SAML Settings from your Security tab and paste the text in the Settings section of the SAML2 Web App. It'll look similar to this:

    Screen_Shot_2020-07-30_at_6.38.00_PM.png

    Tip: You can use the debug tool under Settings to check that everything is properly mapped.

  6. Copy the Application Callback URL from Loom and paste it in the Application Callback URL in Auth0. Click Enable at the bottom of your screen.

    Screen_Shot_2020-10-26_at_4.13.48_PM.png

  7. Open the Usage tab next to Settings and click Download Auth0 certificate. Copy the Identity Provider Login URL.

  8. In Loom, upload the Auth0 certificate under X.509 Certificate. Click Save.

  9. Click Test Connection to confirm your setup.

👉 Note: Using SSO, Admins can set a default member role for assigning to users added to the Workspace through Just-in-Time provisioning.

Domain verification

Your team will only be able to log into Loom for Teams via SSO once at least one of your domains are verified. Once enabled, account holders with domains other than those authorized will lose access. Add a domain using either the email verification option or the DNS text record verification option. Note that for the email verification option, you'll need access to an administrator email and will need to test your connection after verifying to ensure that your connection is set up correctly (not doing so might result in getting locked out of your Loom account).

 

Questions, comments, concerns? Contact us here.   

Happy recording! 🎥 😄

0 out of 0 found this helpful