Benefits and summary

Organizations using a plethora of applications, services and products that are accessed across multiple platforms like PCs, MACs, Smart Phones and browsers, need a way to provide their users with a unified way to log in regardless of platform, service, or product used.

For this, managing users in a regular on-premises Microsoft Active Directory (AD) will not suffice because the AD often is not supported by all the products, services, or interfaces used. Instead, an Identity Provider supporting standard authentication protocols and Single sign-on (SSO) is used.

The Identity Provider has all the functionality that is required to manage users and enable cross-platform SSO authentication. Furthermore, with support for so-called claims, the Identity Provider can also provide functionality for managing the users’ permissions for the various products and services used within the organization.

When the need for a video surveillance product arises for organizations that use an Identity Provider to manage their users, the obvious choice would be to select a video surveillance product that can be integrated with their chosen Identity Provider. Since all Milestone XProtect VMS products and clients support SSO integration with Identity Providers supporting OpenID Connect (OIDC) and OAuth2, the Milestone XProtect VMS is a safe choice for any organization.

Furthermore, with an external IDP, claims supported by the Identity Provider, and support for claim-based VMS role linking in the XProtect VMS product it becomes very easy and efficient to manage the organizations users and centrally control permissions across various products and services, including the XProtect VMS.

User-management tasks like creating and deleting users and editing access permissions for the XProtect VMS is as simple as just creating a user in the Identity Provider and setting a VMS-role related claim for the user. The user can then immediately log in and access the XProtect VMS without having to be manually added or having to change the XProtect VMS role settings. The same applies for removing or changing user access to the XProtect VMS. Users simply get access to the XProtect VMS per their configuration in the Identity Provider.

Organizations using an XProtect VMS product that is integrated with an Identity Provider, will get a very efficient and simple solution for managing their users and permissions thought their organization regardless of the application, service, interfaces and what XProtect VMS surveillance solution they use.