Introduction

The Roles as Rights feature ensures that content is only viewable by viewers whose role matches the role set on the content.

Roles allow you to filter content and experience elements for groups of specific viewers. You can expose content for viewers within a group and hide it from all other viewers.

Content types can be shown or hidden based on the viewer's role. In Beacon Studio, you can create roles and assign them to the following content types:

Movies
Series, Seasons, and Episodes
Channels and Live Events
Playlists and Pages

To associate viewers with roles, use your external Viewer Management System (VMS). You will connect these user role definitions to Brightcove Beacon using OpenID Connect (OIDC) tokens. OIDC is an authentication protocol used to verify the identity of a user to a client service.

For details about using OIDC, see the OIDC Authentication Configuration and Testing document.

Workflow

The following workflows are associated with Roles as Rights:

Viewer workflow

Your app viewers will experience the following:

Viewers will exist in your external Viewer Management System (VMS) and may have one or more roles assigned to them.

Viewers with no roles will have access to all content with no associated roles.
During viewer authentication with OIDC, a token is passed to Brightcove Beacon with the viewer's role(s).
Viewers have access to assets/pages that match any of the viewer's roles.

Admin workflow

You or your admin person will perform the following tasks:

Assign roles to viewers in your external VMS (or sets up rules to assign roles)
Connect external VMS to Brightcove Beacon

Contact your account manager to connect your VMS to the Brightcove Beacon.
Add the roles to Brightcove Beacon (these roles must match what is defined in your VMS)
Assign roles to assets/pages