We supply multiple mechanisms for providing control over your media, by whom it's accessed and how it's accessed.
Every access to APIs and the GUI is enabled by Roles enabled on User Groups. You can define exactly what different groups are allowed to do and this is enforced both on the Web-GUI level and via the APIs that it and third-parties can use, with the exception of a few Roles that are just there to turn GUI functions on and off from display.
All content and collection of content is controlled by Access Control Lists defining exactly what users and groups of users are allowed access to what assets, and with what access they are allowed. For instance a group of users might only be allowed READ access to assets, whilst another is allowed to just READ, WRITE and/or DELETE the assets that they have uploaded.
Users with the role to share out content can define what is shared, how long it is shared for and what access the external user has when sharing. At any time you Administrate Shares to remove shares or see how many times it's been accessed.
External Sharing can be disabled for iconik with Admin Settings.
You can enable and disable iconik's support access to your iconik account Admin Settings giving us access when needed to identify problems, and the knowledge that we can't access your content if we don't need to.
Please note that by turning this on we will be able to view your assets and associated metadata to help diagnose problems
For API requests, we support using App-ID and Token pairs. These are discussed in the api documentation.
IP Allow List
iconik Shield is an add-on service that once enabled can restrict access by using an allow list of IP addresses or CIDR-prefixes from which users are allowed. The filtering can be applied either for every user, or for certain user groups. So you can define that only users in a group can access from a certain network.
The Allow List works both with the GUI frontend, and for access using the API. For more information on iconik Shield see here