Skip to main content
How does Signagelive manage Access Controls?
Ian Maison avatar
Written by Ian Maison
Updated over 8 months ago

Answer:

All APIs are protected by strong authentication and authorization procedures utilizing JWT tokens, the
authentication and authorization process checks:

  • The token is from a known issuer

  • The token has not been tampered with

  • The token is for the audience (API) being requested

  • The token is for the network where data is being requested from

  • The network is enabled

  • The user/application has access to the network

  • The claims in the token match the endpoint being requested

  • The token is being used within a valid time frame i.e. it is not expired

Screenshots are served directly from S3 using pre-signed URLs that expire after 60 seconds.

Credentials are not accessible via our APIs, therefore, cannot be exposed or viewed in the User
Interface can only be updated for example when user names or passwords are changed.

Credentials are only accessible by the synchronisation workers which will need to decrypt them so they
can be injected into the website's login controls. This data is not persisted during the process and
memory used is cleared after use.


Access requests on the media player to synchronised data from the WidgetSDK are validated to
ensure that the widget is permitted to access that data object.

Did this answer your question?