Configuring SAML for Qumu Cloud

REQUIRED ACCOUNT/PERMISSION LEVEL

Bitium: All account levels; must be an admin to set up

Qumu Cloud: Must be an admin to set up

In Bitium:

  1. Go to “Manage Apps.”

  2. Select “Qumu Cloud” from the list of installed apps.

  3. Select the “Single Sign-On” tab.

  4. From the dropdown, select “SAML Authentication.”

    Enabling SAML for Asana

    Select Single Sign-On Provider

  5. Download the Metadata XML from Bitium. Email the metadata to your contact at Qumu.

    Enabling SAML for Asana

    Download Metadata

  6. Enter your Qumu subdomain in the Qumu Subdomain field.

  7. For each user Group in Qumu, create an equivalent Group in Bitium. The names do not have to match. Navigate to the “Groups” section in Bitium to create groups.

    Enabling SAML for Asana

    Create Bitium Groups

In Qumu Cloud:

  1. Navigate to “Administration” and then select “Groups.”

    Enabling SAML for Asana

    Groups in Qumu Cloud

  2. For each Group, click “Update”.

    Enabling SAML for Asana

    Select Pencil Icon to Update

  3. Copy or create a value in the SSO Group SID field.

    Enabling SAML for Asana

    Copy SSO Group SID value

In Bitium:

  1. Navigate to your SAML settings under the “Single Sign-On” tab.

  2. Add a field under Saml Role for each user Group. From the dropdown, select the matching Group in Bitium. In the field, paste the value that was set in Qumu for SSO Group SID.

    Enabling SAML for Asana

    SAML Role Configuration

    Note: Make sure the existing users are assigned to the appropriate groups in Bitium and Qumu. In the future, users can be created and assigned to the appropriate groups in Bitium, and will be provisioned into Qumu via JIT provisioning after launching the app with SAML authentication for the first time.

Testing:

IDP Initiated Login

  1. From the Bitium Dashboard, click on the Qumu Cloud app.
  2. You should be authenticated into the app.

SP Initiated Login

  1. Assign yourself or an appropriate user to the Qumu app in Bitium.
  2. In a fresh window or browser not logged into Qumu or Bitium, navigate to http://{your subdomain}.qumucloud.com
  3. You should be redirected to a Bitium login page. Sign into this.
  4. After signing in, you should be authenticated into your Qumu organization.
SAML Enabled will be illuminated in green once completed.