Managing Users with Identity and Access Management (IAM)
Live Platform includes built-in Identity and Access Management (IAM) capabilities that make it easier to manage users and control how they access different Live Platform entities (tenants). With IAM, you can easily add, update, or remove users, and assign each user permission levels (roles) per entity.
The IAM feature offers flexibility in that it allows you to assign the same user to multiple Live Platform entities (scopes). In addition, you can assign the user a different permission level (role) per entity. For example, you can assign a user to the Live Platform account "Company Branch Europe" with Admin role, and to Live Platform account "Company Branch USA" with Monitor role (read-only).
IAM provides a centralized way to manage user access and security across Live Platform. It supports the following functions:
| ■ | Authentication: Verifies user identity through email and password, and supports multi-factor authentication (MFA) for enhanced security using email or an authenticator app. |
| ■ | Authorization: Determines which Live Platform entities a user can access and what actions they can perform based on assigned roles. |
| ■ | User provisioning: Lets you add, edit, or remove local users per Live Platform entity. |
| ■ | Role-based access control (RBAC): Allows you to assign permission levels to users according to Live Platform roles. |
| ■ | Audit and compliance: Records user activity and access history to support compliance needs (for example, GDPR and HIPAA) and help identify suspicious behavior. |
| ■ | Single sign-on (SSO): Enables users to sign in once and access connected external AudioCodes applications, such as SBC devices, UMP-365, Device Manager, UCaaS Connect, Voca CIC, Meeting Insights, and Interaction Insights. |
To configure IAM system settings, see Configuring Identity and Access Management (IAM).