Use the Clouds tab to manage the cloud configurations associated with your domain names. Existing cloud configuration items are listed in the table.
Cloud configurations are used to separate large deployments of screens and customise the digital signage solution for specific customers and use cases. It provides a mechanism to have a different web address to access the admin interface and also a custom version of DS Loader that can auto-assign new screens to a group specified in the cloud settings.
The cloud configuration also controls branding and advanced settings and features. For example, the domain demo.example.com may allow anonymous registrations and assign users to the user group Demo which has a sequence with restrictions imposed by a shared base sequence.
The following options are available:
|Click to display the Cloud dialog, which enables you to create a new cloud configuration item.|
|Click to display the search field and two dropdown menus which enable you to control which items are displayed in the list. In the top dropdown menu, you can select a specific group and restrict the list to displaying only cloud configuration items associated with that group. In the bottom dropdown menu, you can select which columns to display in the list.|
|Click to refresh the list to reflect the latest changes.|
|Click to download the data on the tab as a CSV file. All data will be downloaded, even if it is currently filtered from view.|
|Click to edit, delete, copy, or view the history of an existing cloud configuration item. From the pop-up menu: Select Edit to display the Cloud dialog. Alternatively, you can click the cloud configuration label in the list.Select Remove to delete the cloud configuration item. Please note that if the cloud configuration is currently being used by the signed-in user, this option is unavailable. Select Copy to create a copy of the cloud configuration item. You must give it a new unique name. Select Item history to open Reports > User action report.|
Use the Cloud dialog to create or edit a cloud configuration.
To display this dialog, on the Clouds tab:
- click the Add Cloud button (),
- click the label of a cloud configuration item; or
- click the Options button () beside a cloud configuration item and select Edit.
The following options are available:
Label — Enter a label for the cloud configuration. This will enable you to identify it in the list on the Clouds tab.
Name — Enter a name for the cloud configuration. The name must match the domain name or the cloud configuration will not be applied. For example, a cloud configuration with the name signage.example.com will be applied when accessing via http://signage.example.com.
Note: A DNS CNAME record must be created pointing to this server address to support new domain names.
The welcome logo, colour scheme, and favicon may all be customised and different default player applications, languages, and timezones configured.
The options on this tab enable you to control sign-ins and session management.
Require secure authentication (HTTPS) — When selected, this option forces using the administration interface or APIs over a secure communications channel. Authentication over an insecure (plain HTTP) channel will be actively blocked.
Allow anonymous users to register — When selected, this option shows an additional button on the sign in page to allow users to create their own user account.
Maximum session age — Enter the maximum session length (in hours) before a user is required to sign in again.
Max two factor age — Enter the maximum length of time (in hours) before additional login credentials are required again.
Password requirements can be configured to add additional security. Please note that an attempt to use any of the 100,000 most common passwords will trigger a warning to discourage the use of such passwords. The platform also includes various velocity checks that restricts more than 5 failed password attempts within a 10 minute window.
Sign in can delegate authentication to Google, Microsoft, and Yahoo! OAuth2 providers. To enable this, a client ID and client secret must be configured for each.
Screens starting for the first time and new user registrations are assigned to the selected group. For this to work, the address of the server must match the cloud configuration name.
Click the +Add data button to add default data that will be applied to new User, Library, Sequence, or Screen items. These defaults will be added automatically when saving items, but will not override existing values.
Select a sequence to use as a base sequence for new end-user registrations. A base sequence provides default items for display and may impose restrictions on the sequences the user creates. For example, it may prevent the user overriding an item in slot 1 forcing the default to always display.
Grant additional users and user groups to access to the cloud configuration item and set the access level.
Users with access to this item
Enter a valid email address, select the permission level, then click Add.
- Full — The user will have full access to the item.
- Read only — The user can only view the item.
Users with access to these groups have access to this item
Enter a valid group name, select the permission level, then click Add.
- Full — Users with access to the selected group have full access to the item.
- Read only — Users with access to the selected group can view the item but not control it.
- Low vis — Users with access to the selected group will not see the item displayed in the full list of items. This can help speed up performance when there are a lot of items. For more information see Low visibility access controls.
Click the Delete button () to remove a user or group from the cloud configuration item.
Add custom data to the cloud configuration item.
Custom domain names
Signcloud can be linked to custom domain names.
For example, a partner who owns the domain name mycompany.com can create the sub domain, signage.mycompany.com, and use this for accessing the platform. The domain name can be used for signing in to the admin interface and (optionally) used by screens to communicate with the Signcloud platform.
To link a custom domain to the Signcloud platform you must be able to modify the DNS configuration for the domain.
Linking a custom domain name
Contact our Signbox support team to enable this feature.
When correctly configured, the admin interface will be accessible by typing the new address into a web browser. For example: http://signage.mycompany.com.
Enable encrypted connections
When the domain is first linked, only unencrypted connections are available.
You can use the new custom domain without an encrypted connection, but this is not recommended. To guarantee security we recommend continuing to use the Signcloud platform until security is added for the custom domain.
To add support for secure, encrypted connections we must install a custom SSL certificate on all our servers.
We have a process to obtain and renew certificates using Let’s Encrypt. To enable this process, a Cloud Configuration must be created with a name matching the new domain.
- Sign in to the admin interface.
- On the top menu bar, click Clouds.
- Click the Add Cloud button () to display the Cloud dialog.
- On the General tab:
- Enter a label for the cloud in the Label field. This will enable you to identify it in the admin interface.
- Enter a name for the cloud in the Name field. This should match the new domain. For example: signage.mycompany.com.
- Click Save. The new cloud configuration item is added to the list on the Cloud tab.
The process to verify domains and fetch new certificates occurs once per day. New certificates will be installed onto the servers when we perform the next software release (typically weekly).
For expedited certificate deployment, please contact us.
DS Loader and player software uses digitally signed server responses (asymmetric cryptography). This does not require SSL to be enabled for the custom domain and also does not require a real-time, battery backed clock or reliable NTP service. This is for maximum performance and device compatibility.
CNAME at root of domain
We recommend creating a sub domain for the digital signage platform. This is because CNAMEs at the root level can cause problems, especially when using the domain for other purposes.
§3.6.2 of RFC 1034:
If a CNAME RR is present at a node, no other data should be present; this ensures that the data for a canonical name and its aliases cannot be different. This rule also insures that a cached CNAME can be used without checking with an authoritative server for other RR types.
Many DNS services will not let you create a CNAME at the root of the domain – only an A record (IP address). Our platform uses multiple IP addresses for a pool of servers that are selected by health checks and latency. Therefore, a CNAME is required to provide both redundancy and performance.