Home > Using SnapStream: the Web Interface > Admin > Security
Usage permissions for users of SnapStream are defined by assigning the users to groups. Permission for each type of task can be enabled or disabled for each group of users, allowing granular control of the access available to each group. 
SnapStream is preconfigured with five local user groups: Administrators, Basic Schedulers, Live TV Viewers, Pre-Recorded Viewers and Schedulers. See Preset User Groups for information on these predefined groups.


If Security for the SnapStream interface has not been configured, the only option will be Config
 
To configure security options, switch the Security option to On. You will then be prompted to enter a password for the username Administrator. Log back in as Administrator to configure security. 

  

Security: Enable or disable security. If this option is Off, no other settings will appear on this page. Note: When On, you will be required to log in to the web interface again.

External Authentication: Use an external authority to validate user credentials. Options here are LDAP and SAML 2.0.

LDAP integration

This feature allows users to log in to the SnapStream interface with their Active Directory or Novell accounts. Some other LDAP types are also supported as "generic."
LDAP Type: Options are Active Directory, Novell, and LDAPv3 (generic).

 For Active Directory and Novell:
 

LDAP Path: The location of the server that manages users that will be logging in to SnapStream.

LDAP Requires Login: Enable this option if your LDAP server requires a username and password in order for SnapStream to validate users against LDAP.

LDAP Username/ Change and Confirm Stored LDAP Password: Enter the credentials for a user account that has permission to query your LDAP server for group membership of the users that will be logging in to Enterprise TV.


 For LDAPv3:
 
Base Directory Context
Group ObjectClass
User Login Attribute
Group Membership Attribute
The values for these settings should be available from your LDAP administrator. 

LDAP Requires Login: Enable this option if your LDAP server requires a username and password in order for SnapStream to validate users against LDAP.

LDAP Username/ Change and Confirm Stored LDAP Password: Enter the credentials for a user account that has permission to query your LDAP server for group membership of the users that will be logging in to Enterprise TV.



SAML 2.0 integration


This feature allows users to log in to the SnapStream interface using Single Sign-On (SSO) via Ping or Okta.
 
SAML Endpoint
SAML Issuer
SAML Certificate
SAML ACS URL
 The values for these settings should be available from your SAML administrator. See the SnapStream Knowledgebase for instructions on configuring Ping or Okta to work with SnapStream. You can also import your settings from an XML file using the option shown. 


See also
System Status
Actions
Settings
External Accounts