This guide will provide instructions on how to integrate SurfConext SSO into the YuJa Enterprise Video Platform and allow users to login in with their SurfConext accounts.
Adding YuJa EVP to SurfConext as an Application
The below steps will add the YuJa Enterprise Video Platform as an application on SurfContext.
- Log into the SurfConext Admin account.
- Navigate to the Services page.
- Choose where to add a new entity.
- Add new entity for production environment
- Add new entity for test environment
- Within Create Registration make the following selections.
- Protocol?: SAML 2.0
- From existing entity?: No, create blank registration form.
- Fill in the following information, the rest can be left blank.
- ACS Location: https://<zone_prefix>.yuja.com/D/SamlReceiveResponse
- Entity ID: https://<zone_prefix>.yuja.com
- Logo URL: https://www.yuja.com/wp-content/uploads/2019/08/yuja-logo.png
- Name nl: YuJa
- Description nl: YuJa Enterprise Video Platform
- Name en: YuJa
- Description en: YuJa Enterprise Video Platform
- Technical Contact: Fill out the information for your technical support.
- Attributes: Select Given Name, Sur Name, and Email Address. Type in “For SAML integration” for the purposes of the tool.”
- Once done, click Publish at the bottom of the page to save the app.
Obtaining SurfConext Metadata
SurfContext Metadata will need to be obtained prior to integrating with the YuJa Enterprise Video Platform.
- Find the Metadata XML file. More information on that can be found here.
- Once the XML file is obtained, find and copy the URL under SingleSignOnService's Location.
- Next, copy down the x.509 certificate code. Make sure to copy the one under the "signing" tab.
- Once the metadata is obtained, go to this link here.
-
Under the x.509 cert box, paste in the x.509 code from the previous steps under the following format
-----BEGIN CERTIFICATE-----
<YOUR_X509_CERTIFICATE_CODE>
-----END CERTIFICATE-----
- Under Algorithm, select sha1.
- Click Calculate Fingerprint, then copy down the Formatted FingerPrint code.
Integrating SurfConext into the Video Platform
To complete the SurfContext integration, all values will need to be inserted into the Video Platform.
- Log into the Video Platform as an Administrator, and got to the Admin Panel. Then select the Integrations tab.
- Select SSO - ADFS (SAML) from the dropdown menu.
- Fill in the following.
-
- ADFS SSO URL: The URL from the XML file SingleSignOnService’s Location.
-
Name ID Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
- Please note that the Name ID value will need to be unique and static for each user.
- ADFS Signing Certificate Fingerprint: The Formatted FingerPrint.
- Given Name Attribute: GivenName
- Family Name Attribute: SurName
- Email Attribute: EmailAddress
-
- Once complete, click Save to save the changes.
- Next, click Activate to activate the SurfConext integration.
- Select the tab Cross-Integration with LTI and set a fallback attribute for LTI integration. Email address is recommended to prevent duplicate users from the LTI.
- Press Save.