Streamvisor Docs
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage

Configure SSO

SSO is only available in Streamvisor Enterprise edition.

Configuring the OIDC provider

The exact steps will depend on your OIDC provider but this guide will explain the general steps to follow.

1. Create an OIDC application client

The application should be configured to use the OAuth 2.0 / OIDC authorization_code flow.

2. Set the authorized redirect URL

In the OAuth 2.0 authorization code flow, the user is redirected by the provider after authenticating.
This redirection endpoint is usually called redirect URI or callback URI.

The redirect URI for Streamvisor will look like this:
http(s)://<Streamvisor host>:<Streamvisor port>/login/callback

The <Streamvisor host> and <Streamvisor port> depend on the way you deploy / expose Streamvisor.

Note that SSO will work only, if Streamvisor is accessed using this URL.
If you try to log in from another URL, you will be redirected, making the browser lose cookies and it will not work.

3. Get the application client ID

Somewhere in the application settings, you will find the client_id.
Make sure to note it down, because you will need it to configure Streamvisor.

Configuring Streamvisor

To enable SSO in Streamvisor, you need to set a few configuration properties.
The minimum required properties are:

  • streamvisor.sso.oauth.providers.{providerName}.client-id: The application client_id you configured in your OIDC provider.
  • streamvisor.sso.oauth.providers.{providerName}.issuer-uri: The issuer URI of your OIDC provider. Used to discover the provider configuration using the ./well-known/openid-configuration path.
  • streamvisor.sso.oauth.providers.{providerName}.scopes: The comma-separated list of scopes to request.

For a full list of SSO-related properties, please refer to the Configuration Reference.