Here we will guide you through the steps of using OneLogin as your IDP to configure your SAML2 SSO. Before starting the integration, you will need to contact StreamShark support to enable SSO on your account.
StreamShark supports SSO integration with both Video Player and Admin Portal, you will need to create 2 separate apps to handle each function. The setup process is very similar to each other, and we will use the Video Player setup as an example here to demonstrate the steps.
Once your account has SSO enabled, you can navigate to https://app.streamshark.io/
1. Head into your OneLogin account, in the Admin section under Application, click "Add Apps" under Apps Menu. In the Find Applications page, type in 'saml', choose SAML Test Connector (IdP w/attr)
2. In the configuration page, give the app a name, for instance, StreamShark Player, and then click Save.
3. Once the app is created, go to Edit app page, under Configuration tab, you will need those values from StreamShark portal to fill in here.
* Leave RelayState field empty
* Copy SP Entity ID into Audience field: https://play.streamshark.io/saml2/metadata?c=xxx
* Copy SP ACS URL into Recipient field: https://play.streamshark.io/saml2/acs?c=xxx
* Enter the regex format of ACS URL into ACS (Consumer) URL Validator field: ^https:\/\/play.streamshark.io/saml2/acs?c=xxx
* Copy SP ACS URL into ACS (Consumer) URL field: https://play.streamshark.io/saml2/acs?c=xxx
* Leave Single Logout URL empty.
* Click Save
4. Go to SSO tab, which will include the values that needed to put into StreamShark web portal.
* Copy OneLogin Issuer URL to StreamShark Issuer URL, the value looks like https://app.onelogin.com/saml/metadata/xxx-xxx-xxx-xxx
* Copy OneLogin SAML 2.0 Endpoint (HTTP) to StreamShark SAML 2.0 Endpoint, the value looks like https://streamshark.onelogin.com/trust/saml2/http-post/sso/xxx
* Click View Details for X.509 Certificate, download X.509 Certificate in X.509 PEM format, and upload the file into StreamShark X.509 Certificate.
* Enter User.FirstName into First name attribute key, enter User.LastName into Last name attribute key, and enter ssGroups into Groups attribute key.
* Leave Your organisation's authorization groups empty.
7. Click Save after the setup, and click Test button to verify if the setup is all correct. You will see a screen like this if the setup is all good, then click Enable to finish the setup.
8. You will need to go through a similar process if need to setup SSO integration with Admin Portal access.