TVZone Authentication Process

(2025-09-25 v1.0)

User Login

TVZone supports two ways of user login:

1. Using Windows login credentials automatically (LDAP)

2. Entering username and password manually

After logging in, TVZone sends the user credentials to the IPTV Server or the external authentication service for verification.

User Authentication Service

Presently there are three types of authentication services:

1. IPTV: user account and group information maintained by the IPTV Server

2. LDAP: user account and group information maintained by the Active Directory

3. OAuth: user account and group information maintained by the authentication service behind the OAuth interface

IPTV Server has been integrated with Okta/OAuth2.0. The authentication process is as follows:

• TVZone shows the login page hosted by the external OAuth server and receives the authCode via an OAuth URL callback

• TVZone sends the authCode to the IPTV Server, which uses the authCode to get user group info from OAuth

More authentication modes can be added to the system when necessary.

Channel Management

The IPTV Server organizes channels in Channel Tiers.

Once a user is authenticated, the IPTV Server assigns the specific Channel Tier for the TVZone based on the user’s User Group information.

Multicast Stream Decryption

The IPTV Server provides the secured key to the authenticated and authorized TVZone so the TVZone can decrypt the encrypted multicast streams.