User Authentication

With the default configuration, any user can perform actions (such as managing cameras, or downloading video) by sending requests to the MMAP API. This section describes how to configure MMAP so that only authorized users can use the API.

To authenticate users, complete the following steps:

  • Configure MMAP so that it accepts requests over HTTPS. OpenText recommends that you do not expose the HTTP port when authentication is enabled.
  • Install an IDOL Community component. Community stores information about your users; you can create users in a built-in database or configure Community to authenticate users against an existing security repository such as an LDAP server. For more information about the IDOL Community component, refer to the IDOL Getting Started Guide and the Community Component Reference.
  • Add MMAP roles to Community and assign users to those roles. Adding a user to a role grants them permission to perform certain actions through MMAP. For more information about the roles that are defined in MMAP, see MMAP Roles.
  • Enable user authentication in MMAP by editing the avalanche.properties configuration file. For information about how to do this, see Enable User Authentication in MMAP.
  • Modify your application so that it uses the /authenticate API endpoint to obtain an API token for each user. Your application must include an API token in subsequent requests to the MMAP API. For more information, see Use the MMAP API.