Brandlive Studio: SSO & SAML 2.0

This document outlines the requirements to initiate SAML 2.0 between Studio and the client directory. Clients wishing to implement SAML should request a call with their Brandlive representative, who will schedule a meeting with Brandlive Solutions for implementation.

SAML 2.0
• SAML Flow: SP-Initiated and IdP-Initiated
• SP HTTP Protocol: https
• SP Entity ID:
• SAML NameID Format: urn:oasis:names:tc:SAML:2.0:nameid-format: transient
• SP Assertion Consumer Service (ACS) URL:
• SP Start URL: Each time there is a webcast, it is uniquely identified by a ShowKey (integer). Therefore, the SP Start URL will always begin with the following, but then have a varying integer at the end.
• For IdP-initiated, the unique ShowKey is included in the Response for Brandlive to know which SAML-configured event/webinar to allow entry into.

Initiating SAML: requirements needed from the client
Information needed to enable 2-factor Authentication and Single Sign-on (SSO) access via SAML to Brandlive Studio:

(For Brandlive) Client = IdP
o Client to provide a link to metadata, including endpoint URL and x509 certificate
o Client to provide a list of response’s named payload attributes to be mapped. Unique email is a minimal requirement, while First Name and Last Name are recommended to help identify users.
Fields are case-sensitive and exact spellings are required (field requirements to be passed)
o Client to provide public X509 certificate

(For Client) Brandlive Studio = SP
o Entity ID =
o (ACS) Assertion Consumer Service =


Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


1 comment
  • Updated details to acquire from client and added recommendations for fields to map

    Comment actions Permalink

Please sign in to leave a comment.