I am currently in the process of evaluating the usage of azure media services to store our product tutorial videos, bug reports etc. We encode and store the videos locally and are now able to upload them to azure media services, and then publish to get a SAS url that we can distribute out to our internal users and clients.
We want to be able to grant access to only specific users to these uploaded videos and also track these users, number of views etc. Also for internal users we would like to be able to use integrated windows authentication to access the videos.
Can someone please advise if this is possible? We are not that interested in encrypting of the content itself.
Thanks,
Ilias
If you don't want videos to be shared with unauthorized users you have to apply DRM or AES encryption policies. Without it any logged in user can leak video published uri or what is called "locator" in Azure Media Services. To read more about AES encryption see https://msdn.microsoft.com/en-us/library/azure/Dn783457.aspx.
In my blog post (http://gtrifonov.com/2015/01/24/mvc-owin-azure-media-services-ad-integration/) i showed how to integrate Azure AD with Azure Media Services AES capabilities. To allow playback for users belonging to certain azure AD user group.
If you don't wan't to utilize dynamic encryption, you can issue a unique locator per user session for an asset. But in this scenario you will be limited by 5 active locators per asset. "because of a shared access policy restriction set by Azure storage services, you cannot have more than five unique Locators associated with a given Asset at one time" - https://msdn.microsoft.com/en-us/library/azure/hh974308.aspx
If you want to protect your training materials from unauthorized access and building solution which will have many users accessing same asset simultaneously, you need to use DRM or AES functionality.