This feature, Secure Experiences, ensures that content is only viewable by viewers whose role matches the role set on the content.
Roles allow you to filter content and experience elements for groups of specific viewers. You can expose content for viewers within a group and hide it from all other viewers.
Content types can be shown or hidden based on the viewer's role. In Beacon Studio, you can create roles and assign them to the following content types:
Movies
Series, Seasons, and Episodes
Channels and Live events
Playlists and Pages
Requirements
The following is needed for Secure Experiences:
An external Viewer Management System (VMS)
OpenID Connect (OIDC) authentication enabled for your account
To associate viewers with roles, you will use your external VMS. These user role definitions will be connected to Brightcove Beacon using OIDC tokens
During viewer authentication with a Beacon app using OIDC, a token is passed to Beacon with the viewer's role(s).
OIDC is an authentication protocol used to verify the identity of a user to a client service. For details about using OIDC, see the OIDC Authentication Configuration and Testing document.
Workflow
The following workflows are associated with Secure Experiences:
Viewer workflow
Your app viewers will experience the following:
Viewers will exist in your external Viewer Management System (VMS) and may have one or more roles assigned to them.
During viewer authentication with OIDC, a token is passed to Brightcove Beacon with the viewer's role(s).
Viewers have access to assets/pages that match any of the viewer's roles.
Admin workflow
You or your admin person will perform the following tasks:
Assign roles to viewers in your external VMS (or sets up rules to assign roles)
Connect external VMS to Brightcove Beacon
Add the roles to Brightcove Beacon (these roles must match what is defined in your VMS)
