All of Mediaocean cloud applications accessed with the same user credentials? Simple
With federated authentication, users can sign on to any Mediaocean cloud-based application using the sign-on credentials for their own organization, eliminating the need to remember more than one set of credentials.
For many users, this also gives them the freedom to switch between locations without having to sign on each time they need to change location.
How does federated authentication work?
Mediaocean’s federated applications use the client’s IDP (identity provider) to validate a user’s sign-on credentials instead of using Mediaocean’s own security framework.
The data the user can access and what they can do in the application (user authorization) remains under the control of the respective Mediaocean application.
|Non-federated authentication||Federated authentication|
|User authentication||Mediaocean’s custom security.||Client’s IDP.|
|User authorization||Mediaocean’s custom security.||Mediaocean’s custom security.|
For example: https://prisma.mediaocean.com.
For example: https://agency-prisma.mediaocean.com.
|Credentials||Separate Mediaocean user name and password for each application.||Client organization email address and password.|
What are the benefits?
Clients have full control over user access to Mediaocean applications through their IDP.
This means, for example, if a client terminates an employee in their IDP system, it also terminates their Mediaocean application access.
Increased security. For example, the client organization’s user credentials aren’t shared with third parties.
No VPN is required. As access to Mediaocean applications is controlled by the client, security is assured.
Which identity providers (IDP) are supported?
All IDPs that support the SAML2 protocol are supported. For example:
- Microsoft’s Active Directory (ADFS)
Which Mediaocean products are supported?
- Buyer workflow (Prisma)
- Estimates and costs (Aura)
- Media Finance (Ignitia)
- Trading desk workflow (Radia)
- Seller workflow (Prisma for Sellers)
TO TAKE ADVANTAGE OF FEDERATED AUTHENTICATION, CONTACT THE MEDIAOCEAN TECHNICAL SERVICES TEAM (firstname.lastname@example.org)