Signagelive

All APIs are protected by strong authentication and authorization procedures utilizing JWT tokens, the authentication and authorization process checks:

The token is for the audience (API) being requested

The token is for the network where data is being requested from

The user/application has access to the network

The claims in the token match the endpoint being requested

The token is being used within a valid time frame i.e. it is not expired

- The token is from a known issuer
- The token has not been tampered with
- The token is for the audience (API) being requested
- The token is for the network where data is being requested from
- The network is enabled
- The user/application has access to the network
- The claims in the token match the endpoint being requested
- The token is being used within a valid time frame i.e. it is not expired

Screenshots are served directly from S3 using pre-signed URLs that expire after 60 seconds.

Credentials are not accessible via our APIs, therefore, cannot be exposed or viewed in the User Interface can only be updated for example when user names or passwords are changed.

Credentials are only accessible by the synchronisation workers which will need to decrypt them so they can be injected into the website's login controls. This data is not persisted during the process and memory used is cleared after use.

Access requests on the media player to synchronised data from the WidgetSDK are validated to ensure that the widget is permitted to access that data object.

How does Signagelive manage Access Controls?

Learn Hub

Training

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you