Overview
Swank Streaming Services offers multiple ways to authenticate to view your custom platform:
- IP Address Authentication - This restricts viewing to the allowed public IPs of the campus or facility. This is sufficient for allowing access across the entire campus population and is required for all Healthcare and Resident Life Cinema deployments. Additional authentication may be required if needing to restrict to a specific audience. Provide your public IP range(s) and this can be configured by our Accounts and Support Teams
- User Authentication (Direct Login) - This allows defined users to login directly to Swank's site to view content. This is managed with the Swank Admin Portal. Find guide for adding individual users and bulk import here: Creating Users Individually or via Bulk Entry
- (User Authentication is not available for Virtual Screenings and off-campus viewers must utilize proxy or SSO authentication)
- Single Sign On (SSO) Integration - We offer integration with SAML and Google OAuth Integration
- (SSO cannot be used as an alternative for IP auth in the Healthcare and RLC markets as IP auth is required to restrict access to the campus only, these sites cannot be accessed while off-campus, In these markets, SSO should only be used if the audience needs to be further restricted to a select group and can be filtered using OUs or SAML Attributes.)
-
Proxy Integration (only available for select markets) - We offer integration with EZProxy, WAM, and Open Athens products. Find specific proxy setup information below:
This document outlines the high-level steps to integrate a SAML provider with Swank Cloud Streaming portal. The Metadata XML approach is the suggested approach because it reduces errors in transmission and manual configuration
*Please contact your Account Manager and advise which Authentication method you choose to use before proceeding with SAML or Google OAuth setup.
SSO / SAML Integration:
Please find the guide at the following link for SAML or Oauth integrations. There are links within the document for specific examples of common IDP applications.
General Overview of SAML SSO Setup
- Configure your SAML Provider with information about the Swank streaming platform
- Preferred Approach
- Use the SAML Service Provider Metadata XML file provided by Swank to import our configuration into your SAML Provider. You can download the file here.
- Alternate approach
- If your identity provider does not support importing an XML Metadata file, use the manual configuration.
- You can now import your settings via the XML document in the SAML Settings portion of the Cloud Streaming Admin Portal. Login with your admin credentials provided by your Account Manager
- Preferred Approach
- Generate a SAML Identity Provider Metadata XML file from your Identity Provider service and import into "Load Settings" area with the "SAML External" tab
- Alternate approach
- If your identity provider does not support exporting an Identity Provider Metadata XML file, use the manual configuration
- Preferred Approach
- Preferred Approach
- To elevate permissions for Instructors or Administrators, you must add role mapping information to map roles from your identity provider into roles for the streaming system. For more information on providing this information please see the following document: SAML Attribute Role Mapping
- Next, you will need to test the integration to SAML to ensure access.
- If there are issues, you will need to create a test account for each role
- For specific detailed steps to integrate SAML, please see the links below
External Documentation
Google GSuite - https://support.google.com/a/answer/6087519?hl=en
Comments
0 comments
Article is closed for comments.