You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close

DW Spectrum - Enabling Digest Authentication for 3rd Party Applications

Enabling Digest Authentication for 3rd Party Applications

-----------------------------------

Affected Roles:  Administrator, Owner

Related Digital Watchdog VMS Apps:  DW Spectrum IPVMS

Complexity:  Medium

Software Version:  DW Spectrum v5.0

Last Edit:  January 27, 2023

-----------------------------------

Security Authentication

With the release of DW Spectrum IPVMS v5.0, the default authentication method for user connection to the Server was upgraded from using “Digest Authentication” to using “Bearer Authentication”. While Bearer Authentication is the recommended setting, some 3rd party applications might not be capable of supporting it, such as with some embedded video players.

This article will outline where to re-enable the Digest Authentication feature for a DW Spectrum user profile.

**NOTE:  When using Digest Authentication for 3rd party applications, it is mandatory to use lowercase credentials with no special characters. Custom authentication settings are only available for Local User profiles.

**NOTE:  The option for Digest Authentication is only available for DW Spectrum IPVMS Version 5.0.

Bearer (Token) Authentication vs Digest Authentication

Before you decide to switch from using the default Bearer Authentication to using Digest Authentication, here are their primary differences:

  • Bearer Authentication – [default setting] an authentication scheme that uses security tokens, also known as “bearer tokens”, to identify and authorize HTTP communication between devices. The “token” comes in the form of an encrypted string that is generated by the DW Spectrum Server upon receiving an authentication/login request.
  • Digest Authentication – [former/old setting] an authentication scheme that uses MD5 hashing to ensure that usernames, passwords, HTTP connections, and URL requests are not sent to the DW Spectrum Server in plaintext. Digest Authentication is a more complex form of authentication because, for every API call/request, the connecting Client must make a new MD5 hash of the username, realm, and password each time.

Using Digest Authentication

The above authentication methods are determined by the administrator for each user when creating their local user profile/account on the DW Spectrum Server.

Use the following steps to enable Digest Authentication for a user:

  1. Log in to the DW Spectrum Server as the Owner or as an Administrator user with the DW Spectrum Client.

  1. Open the Users menu.
  • If you are editing an existing user profile, click on the existing user profile.
  • If you are creating a new user profile, click the New User button and select “Local” as the User Type. Complete the User Information form for the new user before proceeding.

**NOTE:  For instructions on adding a new user, you may refer to the article - Adding New Users and Assigning Roles.

  1. The User Settings window will open.

At the bottom of the User Information, click on the three vertical dots (collapsible toggle) and select “Allow digest authentication for this user”.

  1. A red band will then display disclosing that the user can now use Digest Authentication.

A password reset will be required.

  • Password create a new password for the Local User. When using Digest Authentication for 3rd party applications, it is mandatory to use lowercase credentials with no special characters.
  • Confirm Password – re-enter the new password for the Local User.

Click the Apply button to save the changes, then click on OK to close the User Settings window.

Repeat these steps as needed for each individual user profile that needs to change to using Digest Authentication.

For More Information or Technical Support

DW Technical Support:  866.446.3595

https://www.digital-watchdog.com/contact-tech-support/

______________________________________________________________________________

DW Sales:  866.446.3595                   [email protected]        www.digital-watchdog.com