I came up with an idea to further simplify the “Interface registration” process:
All in all the registration process via links has already simplified interface setup. However, there are still situations where “Interface/Stations Managers” struggle to remotely register new interfaces. Sometimes it’s unclear when and where to click the link so that the Player is registered on the correct device.
The most common issue occurs when registering Players on mobile devices. Either the link is clicked on a PC first and becomes invalid, or the user doesn’t have access to email/Teams/Slack on the mobile device to click the link at all.
My proposal: Registration via Code.
When creating a new interface, in addition to the registration link, generate a 5-character alphanumeric code, e.g., MY5X6.
When starting the Tulip Player for the first time (where you currently enter the account URL), add a second option: “Or register via code entry.”
This would allow station-admins to share the code easily and flexibly via email, Teams, Slack, or even a phone call. It would make the process much simpler…
(I understand that, compared to the link, the code lacks the Tulip instance url information. Therefore, a code-to-instance mapping would need to be implemented on a central server.)
Great suggestion. The team has looked into similar pathways previously for edge devices.
One proposal that we found interesting was having a Tulip admin get a TOTP and assign it to an authenticator. They could then use their one-time code to register edge devices/mobile devices. This approach doesn’t work as well for sending this out via email/Teams/Slack with the short registration window but lengthening that window would make this more painful for folks who are trying to register a large number of devices at once.
Curious if there are any limitations on your end re: Authenticators or thoughts on the time-period?
thanks for sharing your insights on your previous ideas regarding this topic.
In my opinion, due to the complexity and the short time window, it wouldn’t be widely adopted. We should build on the existing simple registration process so that, when generating an interface, it provides not only a link but also something easy to share — for example, my suggestion of offering a code as an option.
If this raises security concerns on your end, additional security factors would need to be added. My ideas:
The code generation can be completely disabled in the account settings.
The code is not automatically generated together with the links for new interfaces, but only when you actively click on “Generate Code”.
When generating the code, an expiration interval (e.g., 1h, 1d) must be set.
To prove that you have access to the target instance, the user must authenticate via Badge ID or SAML already during the registration process. It would be important that every user role, such as Operators, is allowed to authenticate.
To take it even further, it could be combined as follows:
Like today, an interface is created. Pop-Up for Links is shown.
Click “Generate Registration-Code”.
Here, you must select an expiration interval and a target user.
The code is generated and can be shared.
When using the code, the interval is checked, and the target user must authenticate via Badge-ID or SAML.
Actually, the idea of converting the registration URL into a QR code solves some obstacles in the interface registration topic.
It doesn’t cover the case where you could simply give someone a code over a phone call, but this way you could send the QR code via email, Teams, Slack, or even in printed form and register mobile devices without requiring Office program integration.
It would be important that QR code generation is built in as a standard feature in the “Create Interface” section and not as a separate app that needs to be copied to each instance. In the pop-up window under “Share Link,” there should be enough space to display the QR code, add a “Download as Image” and “Copy to clipboard“ buttons, and also include it in the “Send by Email” button.
Thanks for the demo. It seems like this may work for some use cases, but not the core issues we face.
When we are creating station registrations for operations computers, we face two key challenges:
Many of our standard Windows devices don’t have an outward-facing camera on the device, so scanning a QR code isn’t intuitive
These assets do not have access to Outlook/Teams to receive QR codes or links
With the idea of a code-based approach, we could create the station remotely, send the code to the department supervisor, who can then type the code into the operation bench. This would help with offsite IT departments and eliminate the need for in-person manual setup.
We actually used QR-Codes to register our iPad-Devices so far.
Unfortunately this is not a solution for our devices, that are built in our facilities (e.g. in-wall monitor).
These have a touch screen, sometimes a keyboard, but no email or teams and also no camera or accessible usb-ports (for scanners).
Let’s say we created a similar app on the library. Wouldn’t that meet the need for all of the use case except for passing codes over a phone call (not sure how often this happens)?
