Logging in with Identity and Access Management (IAM)

Live Platform includes built-in Identity and Access Management (IAM) capabilities that make it easier to manage users and control how they access different Live Platform entities (tenants). With IAM, you can easily add, update, or remove users, and assign each user permission levels (roles) per entity. The IAM feature offers flexibility in that it allows you to assign the same user to multiple Live Platform entities (scopes). In addition, you can assign the user a different permission level (role) per entity. For example, you can assign a user to the Live Platform account "Company Branch Europe" with Admin role, and to Live Platform account "Company Branch USA" with Monitor role (read-only). IAM provides a centralized way to manage user access and security across Live Platform. It supports the following functions:

■

Authentication: Verifies user identity through email and password, and supports multi-factor authentication (MFA) for enhanced security using email or an authenticator app.

■

Authorization: Determines which Live Platform entities a user can access and what actions they can perform based on assigned roles.

■

User provisioning: Lets you add, edit, or remove local users per Live Platform entity.

■

Role-based access control (RBAC): Allows you to assign permission levels to users according to Live Platform roles.

■

Audit and compliance: Records user activity and access history to support compliance needs (for example, GDPR and HIPAA) and help identify suspicious behavior.

■

Single sign-on (SSO): Enables users to sign in once and access connected external AudioCodes applications, such as SBC devices, UMP-365, Device Manager, UCaaS Connect, Voca CIC, Meeting Insights, and Interaction Insights.

When Identity and Access Management (IAM) functionality is used by Live Platform for user management, you can log in to Live Platform's Operation Center Portal using your local account credentials or through your Microsoft 365 account. Typically, login also includes an extra layer of security using Multi-Factor Authentication (MFA), where you need to provide a verification code (sent to your Authenticator app or email address).

■

When logging in using IAM local user accounts:

●

A Live Platform user is registered to IAM by your provider or reseller for the Live Platform portal IAM service under your Live Platform managed entity e.g. channel-abc. You need to confirm this registration through an email invitation. This process requires your interaction to setup the user account using Registration Invitations. Once you have successfully registered, you can login to the Live Platform portal using your IAM local account credentials. You can then connect to the IAM interface using Single SIgn-on via the Welcome menu. You can then create additional users for your tenant and register them using the process.

■

When logging in using your Microsoft 365 account, the login request is redirected by Microsoft back to IAM and then to Live Platform. You also need to add users and roles on Microsoft Entra ID (see Logging into Live Platform portal with Microsoft MFA).