APA-IT simplifies access to diverse content with single sign-on

Austria's national public broadcaster sought to make it simple for Austrian citizens to access and share media services. Read this customer case study to find out why APA-IT recommended Red Hat's SSO technology, a Keycloak enterprise-level sister product, for this successful venture.

Austria’s national public broadcaster wanted to make it easier for Austrian people to access
media services and share their preferences between media providers. The broadcaster needed
a single sign-on (SSO) solution and turned to its technology partner, APA-IT, for help. APA-IT
offers full-service solutions focused on the areas of media solutions and outsourcing. The solution needed to be ready quickly, work across all popular media channels, and cope with peak
loads. Because the broadcaster’s experience with Keycloak had been positive, APA-IT recommended Red Hat’s SSO technology, Keycloak’s enterprise-level sister product. Red Hat’s SSO
technology easily integrates and customizes for all of Austria’s media providers, scales to meet
peak loads, and makes it more efficient for Austria’s media consumers to access content from
different providers.

Simplifying access to streaming services
Recent years have seen a significant upsurge in people accessing media services. During the
pandemic lockdowns, for instance, streaming services helped people pass the time of day. In Austria,
people access the media services of the national public broadcaster through their bespoke identity
management solution. But regulatory changes meant the broadcaster needed to upgrade that solution. Working closely with almost all of Austria’s major media companies, it initiated the MediaKey
project to make it more efficient for people to access media services and share their preferences
between media providers.
The broadcaster turned to technology partner APA-IT for help building a SSO experience for
Austrian citizens. “They wanted to implement an identity management system for almost all major
media companies in Austria,” said Clemens Prerovsky, CEO of APA-IT. “Customers already logged in
could consume media across different providers from 1 account.”
The solution needed to be ready in less than 6 months, work across all popular media channels—
including TV, streaming, and websites—and cope with peak loads during popular events, especially
Austria’s ski races. “MediaKey would need to manage 2 million users and manage 400 logins per
second,” said Christoph Kofler, Innovation Manager at APA-IT’s implementation partner, Gepardec.
“We started in April 2021, and our goal was to have MediaKey ready by September.”

Implementing a highly scalable and extensible SSO solution
APA-IT and Gepardec worked closely with the broadcaster to identify a robust, reliable, and highly
scalable identity management solution. The broadcaster already had experience with Keycloak, a
single sign-on identity and access management product from the open source community. “The
broadcaster’s experience with Keycloak showed it to be a mature and scalable product, making Red
Hat’s SSO technology—its enterprise-level sister product—a good choice for mission-critical projects,
such as MediaKey,” said Kofler.
As the broadcaster’s long-term technology partner, with extensive knowledge of its technology and
business, APA-IT managed the project. Architects from Gepardec designed and implemented the
solution, which runs on-premise in 1 of APA-IT’s datacenters. Although the partners had different
roles, they collaborated closely as a single team.
With MediaKey such a huge and mission-critical project, designing an optimal architecture was
quite a challenge. APA-IT and Gepardec turned to Red Hat for help. “There are few Red Hat’s SSO
technology installations as large as MediaKey,” said Kofler.“ Red Hat Consulting’s input during the
design phase was really important for creating an architecture for the long-term success of MediaKey,
ensuring it is scalable, maintainable, upgradable, and extensible in the future.”
Red Hat’s SSO technology Product Management team helped the implementation teams gain a clear
picture of the technology’s future direction—insight that would be essential for APA-IT and Gepardec
to guide the broadcaster into the future evolution of MediaKey. “The upgrade path includes a cloudnative version of Red Hat’s SSO technology, based on Red Hat build of Quarkus, that can run in Red
Hat OpenShift, which will be of interest to us,” said Kofler.

Offering peace of mind at peak times for media companies and users alike

Scaled to meet peak loads of 400 logins per second
Since its launch, MediaKey has kept pace with demand. With Red Hat’s SSO technology at its core, it
scaled throughout Austria’s ski season—coping with 400 logins per second at peak times.
“Red Hat’s SSO technology is very scalable,” said Kofler. “It’s a mature piece of software that is very
good in peak load scenarios. It’s, therefore, a good choice for critical applications.”

Eased integration thanks to support for open standards
Red Hat’s SSO technology supports open standards to ensure media providers across Austria could
join the MediaKey initiative. “Red Hat’s SSO tehcnology conforms to open standards, such as OpenID
Connect,” said Kofler, “which made it very easy for all the media providers to integrate it with
their own systems.”
While each media provider has its own login system, MediaKey provides an additional way for
customers to log on and access providers’ content. Once registered with MediaKey, Austria’s media
customers can log onto any media site that supports the access management solution and then
quickly and easily access any other site that supports it.

Simplified customization thanks to its open source roots
The high levels of extensibility and flexibility offered by Red Hat’s SSO technology proved to be critical to the project’s success. “Red Hat’s SSO tehcnology has great capabilities to be extended,” said
Kofler. “Being open source, you can look into the source code to understand how it works, which is
important when building custom extensions.”
Gepardec adapted Red Hat’s SSO technology to include an age verification system and provide
some custom key performance indicators (KPIs). The age verification system, which runs in Red Hat
OpenShift®, checks that users can only access age-appropriate content. The KPIs, which include
logins per second, the total number of users, and new registrations per day, help the broadcaster
understand how MediaKey is performing at a business level.
Kofler also commented on the importance of Red Hat’s SSO technology conforming to open standards, such as OpenID Connect. “Conformance to open standards was extremely important because
it made it very easy for the media providers to integrate with their own logins.”

Extending project successes
Today, MediaKey is the broadcaster’s main solution for customer logins, respecting users’ privacy by
storing vital information—namely, their login details and nothing more. More major media sites across
Austria have even implemented it as an add-on to their core identity and access management
solution. With the success of MediaKey to date, the broadcaster plans to take advantage of the solution for its new media streaming platform.
Together, APA-IT and the broadcaster are exploring Red Hat’s SSO technology for Red Hat
OpenShift—a cloud-native version of single sign-on technology—as a likely upgrade path for
MediaKey.
“Red Hat’s SSO technology is really important for the long-term success of the MediaKey solution,”
said Kofler. “Red Hat’s technology ensures MediaKey is maintainable, extendible into the future,
and upgradeable.”

About APA-IT
APA-IT offers full-service media and outsourcing solutions. A subsidiary of APA-Austria Press
Agency, it manages IT systems of not only the agency but also numerous publishing houses and
companies carrying out media-related tasks. APA-IT develops and tailors solutions to individual
customer needs.

286 Views 0 Likes Introduce me  Read More