Event and Webinar Access Restrictions
Introduction
Access Restrictions are general protection schemes that can be applied to all Events. They enable you to restrict end-users access to your event without any interaction from end-users.
The Supported Access Restrictions are
- Domain
- Locations
- Access Security Token
Access Restrictions
1. Domain
Allows you to restrict under what domain the Webinar player can be embedded on using an iframe.
For example if "Allowed Domain" is set to "icareus.com", the player will not load unless it is embedded in an iframe on a domain with the host "icareus.com". So if you try to embed the Webinar Player on let's say "event.example.com", the player will not load, since the host in this example would be "example.com" instead of "icareus.com".
Subdomains are allowed, so if "Allowed Domain" is set to "icareus.com", the Webinar Player can be embedded in an iframe on a domain such as "example.icareus.com".
If an "Allowed Domain" is set for the event using this restriction, the event must be embedded (under the specified domain) in order for it to be viewed. This means that the event will not be viewable via the standard Event URL. For preview purposes, signed in Suite administrators can still bypass this restriction and view the event normally.
Currently it is required that the domain you are embedding the player on is served over HTTPS. So if "Allowed Domain" is set to "icareus.com", the page needs needs to be "https://icareus.com", embedding the Webinar Player on "http://icareus.com" will not work.
Please note that this restriction is handled purely on client-side, so the security of this restriction is not 100%.
3. Locations
Allows
you to specify from which locations the event can be viewed. When
selected, you will be presented with a multiselect input that allows you
to select one or multiple locations from which the event can be viewed.
The
event will only be accessible from locations selected in the 'Selected
locations' field. If the event page is accessed from a restricted
location, a message is shown.
3. Access Security Token
Notice 1: Please notice that using Access Security Tokens require embedding the Icareus' event video player on web site.
Notice 2: Please notice that using Access Security Tokens requires technical implementation on the web site where event player is embedded
Using the security token restriction, access to a webinar can be
restricted only to end users that provide a valid security token. A
security token is specific to a certain remote IP number, so the same
security token can only be used by two or more clients, if they have the
same IP number. For this reason, when security tokens are used, a
separate token has to be generated for each IP number from where users
are accepted.
When the security token restriction type is selected, a secret security key is generated by Icareus Suite. This key is unique for the event, so it cannot be reused for other events. To copy the security key for pasting purposes, click the copy button.
Do not give the secret security key to any third party. Use it only to create security tokens.
To calculate the security token for a specific remote IP, concatenate the IP number as text, a hyphen (minus) and the security key as a string, and then make an SHA-256 hash of the string.
Assuming we have a Java method sha256 which calculates the SHA-256 hash, the statement for calculating the security token is:
String securityToken = sha256( remoteIP + "-" + securityKey );To access the webinar, the viewer's link must contain the parameter sid whose value must be the security token specific to their IP.
As an example, assume that the remote IP is 185.185.168.162 and the secret key is 5498c4e5f2fb7f3c93634c2b55085ac56562e36e50aea369ec5b030280547a9d.
For viewers from this remote IP, the security token needed is the SHA-256 of 185.185.168.162-5498c4e5f2fb7f3c93634c2b55085ac56562e36e50aea369ec5b030280547a9d.
The correct security token in this case is d3e722a4cf5a2c7a26a718f228dca2e6c3627bf487df5640895e8303ff2c8572.
Assuming the event URL for this example event is
a viewer from 185.185.168.162 can use a link such as
to access the event. Without the correct sid, the viewer will only see an empty web page.
Related Articles
Create & Manage Events/Webinars
Creating an event Open Events -> Events. Create a new event by clicking on the "Create New Event" button at the top: The new event must be given at least a name and event duration for you to be able to save your new event. These mandatory fields will ...Four (4) Easy Steps for New Event or Webinar
Introduction With Icareus Suite Event Webinar it's easy to arrange live events on one or multiple different channels simultaneously, automatically record, synchronize slides and monetize events in many different ways. The web interface ...Event and Webinar Analytics
Introduction Event and Webinar analytics are used mostly by Icareus Video Cloud event customers: enterprises', public organizations', and third sector organizations' event organizers. However, it can also be used for different pay-per-view event ...Event and Webinar Access Control
Access Control It is possible to restrict access to the event based on different methods of access control. Currently only one type of access control can be set on a single event. Different types of access control currently supported are: No Access ...Event and Webinar Access Control
Access Control It is possible to restrict access to the event based on different methods of access control. Currently only one type of access control can be set on a single event. Different types of access control currently supported are: 1. No ...