IBM Video Streaming

Manage Video Platform User Permissions

Manage Video Platform User Permissions

Looking to manage video platform user permissions?

Managing video content is become an increasingly collaborative experience. Furthermore, enterprises are adopting larger video strategies as well. In fact, 51% of enterprises estimated their streaming budgets at $100,000 or more going into 2020. Naturally this increase in budget for video will produce more content, creating an environment where companies need to be more agile in managing assets. Especially as companies are looking to use video both internally, to employees and stakeholders, and externally, for prospects or entertainment purposes.

To address this, IBM released an administrator controlled permission system for organizations back in 2018. These features were recently expanded, offering more granular control. As a result, organization administrators can manage video platform user permissions, empowering them to oversee admins and managers for accounts and channels from a dashboard. This enables quick team management for video assets, fostering easier collaboration toward video goals.

What is an organization?

Using IBM Watson Media’s offerings, an organization is a way to link multiple accounts together. These accounts can be setup to have video content that’s external facing, IBM Video Streaming based, or internal facing, IBM Enterprise Video Streaming based. Once enabled and a user has access to an organization, it introduces a quick method for changing between accounts. For example, a user can go in and manipulate metadata on an external video and then, without having to login again, change accounts and start uploading a training video for internal use.

In addition, a user can have access to multiple organizations as well, creating an experience like this:

Manage Video Platform User Permissions: Organization Menu

This interface is how a user can quickly shift between accounts, or even change between organizations as well.

Learn more about organizations in this article, including possible settings and use cases.

Controlling permissions in an organization

The functionality of organizations has been expanded. Administrators can now setup not just other admins to manage the entire organization, but also setup more granular permission levels. Done from the organization dashboard, this allows users overseeing the entire account to be more agile. For example, if a new employee is brought on, that person can be quickly setup as an account manager by an administrator.

Similarly, these permissions can be revoked from the same interface just as quickly. For example, if a company is working with a contractor that individual might be made a channel manager for a live event channel. After the event is over, their permission level can be removed, or even their user account could be removed entirely if needed.

User permission levels

Three different levels of permissions exist within an organization, which can be managed from the organization dashboard. These are:

Organization admin
This is the highest permission level. At this level, a user can manage the overall organization, and the accounts inside. This includes being able to control settings and permission levels. Administrators can also do account specific functions like managing channels or video content.

Limited access: account level
At this level, a user can manage an entire account. This includes creating new content, be it channel or video based, and also managing settings. These settings can include geo-blocking for external content and managing the security settings for internal based content, such as the SSO (Single Sign On) setup. Users can be setup to have permission level for multiple accounts.

Limited access: channel level

The lowest permission level. At this stage, the user can manage a channel inside of an account. That includes being able to upload video content to that channel and manage content settings, including metadata or even to setup a dynamic playlist. Now accounts can be setup to have multiple channels, and users can also be setup to manage multiple channels as well. This differs from the account level, though, as global settings are blocked off and there might be channels they don’t manage. For example, someone on the marketing team might have their permissions setup to manage a webinar and public relations channel, but someone else could manage an engineering channel.

How to manage user permissions

Managing user permissions are done, by administrators, through the “Organization Settings”. One of the options here is “Administrators”. This will allow you to see a list of all users with admin or manager permissions on your organization setup. Each user has a drop down arrow next to them, allow an admin to edit or remove their permissions.

Editing them will allow an admin to change their status, in between the user permission levels that includes admin status, account manager and channel manager. This dashboard can also be used to add permissions to users through clicking the “Add people” button. This will give a prompt asking for an email address and the permission level. Multiple email addresses can be entered, speeding up the process further if several people need permissions setup at the same level.

If doing custom permissions, which is where account managers and channel managers are setup, a new selection will appear. This will include the ability to designate someone as an account manager or or channel manager. A search is included for channels, simplifying finding the appropriate channel for accounts that feature many of them.

Creating custom roles

Custom roles allow greater granularity in terms of restricting what kind of access an administrator can have over a channel.

Accessing the custom roles feature is done by clicking “Organization Settings” and then “Manage” on administrators. In the upper right will be a “Manage Custom Roles” option. Here you can create roles to define a certain set of permissions available to administrators belonging to this custom role. This can be very limited in scope, such as preventing them from downloading videos from the dashboard or from seeing individual viewer tracking analytics.

Custom Roles

The current options available as something that can be turned on or off for custom roles include:

  • Starting broadcasts
  • Publishing videos
  • Managing published videos
  • Downloading videos
  • Deleting videos
  • Editing channel level access control (Enterprise Video Streaming only)
  • Seeing individual viewer stats

Custom role use cases

Leveraging this organization feature enables enterprises to designate individuals with limited but very important roles. This can include administrators that are designated for:

  • Content creation
    Limited in scope to starting live streams or uploading videos.
  • Content reviewers
    Those tasked with publishing content after reviewing it, or with the ability to manage assets as needed. This includes access to the features around editing captions generated automatically by IBM Watson and to do minor cloud editing like trimming videos.
  • Compliance
    Access to viewer tracking information, to follow up that mandatory content was viewed to completion and the ability to follow up, on an email basis, with those who have not completed it.

Summary

The addition of the permission system and custom roles aids in managing what could be considered complex video platform needs. It fosters setups that can encompass numerous managers and admins, while simplifying the addition of new user permissions as well.

Curious about how admins login? This is done through the SSO (Single Sign-on) method established as part of the account. If you want to learn more about the available security features, including how content can be restricted to certain audiences, also be sure to check out our Enterprise Video Security Components and Services white paper.