Signing In

Orchid Hybrid/Fusion VMS has several ways to sign in, and will allow mixed authentication modes. So, Administrators may enable multiple sign in modes on the same system.

Orchid Hybrid/Fusion VMS supports each of the following external authentication providers:

• Google
• Active Directory
• Microsoft Entra ID (formerly Azure Active Directory)
• FreeIPA
• SAML
  

Beginning in version 23.9, Orchid Hybrid/Fusion VMS supports Single Sign-On using SAML. This can be used with a variety of Identity Providers (IdPs) including Auth0, Ping, Google, and Azure A-D/Entra ID. The Orchid Hybrid/Fusion VMS App also supports the SAML authentication method on iOS and Android devices. Please refer to the Orchid Fusion VMS Installation Guide for more details on configuring the system for SAML authentication.

*On Orchid Hybrid VMS systems, IPConfigure Support personnel must modify the configuration file to permit external authentication.

Accessing the Sign In Screen

Fusion

1. To open Orchid Fusion VMS on a client device, type the IP address of the Orchid Fusion VMS server in the web browser address bar. If you are opening Orchid Fusion VMS on the Orchid Fusion VMS server itself, you may enter localhost:8080 in the address bar (provided the default port was used). You may also be able to use the Orchid Fusion VMS link in the system menu or the Desktop icon, if available.
2. You will be prompted to sign into Orchid Fusion VMS.

*The username and password are both case sensitive.

Hybrid

1. To open Orchid Hybrid VMS on a client device, type https://<your-id>.ipconfigure.com into the web browser address bar (where <your-id> is the system identifier assigned to your Orchid Hybrid VMS system).
2. You will be prompted to sign into Orchid Hybrid VMS.

*The username and password are both case sensitive.

Standard Sign In

1. Enter your username and password in the fields provided. (This information should be provided to you by your Administrator.) Beginning in version 23.3, all users will have the option to change their own password after they are signed in. Please refer to Account Settings for more details.
   1. If you are the Fusion Administrator and this is your first time signing in, enter the username admin and the password you set when Orchid Fusion VMS was installed.
   2. If you are the Hybrid Administrator and this is your first time signing in, enter the user name admin and the default Administrator password provided by IPConfigure.

*For improved security, after this initial sign in, Administrators should not use the default Admin account. Instead, each Administrator should create an individual User account. If you sign in as the default Administrator, when you sign out, you will automatically sign out any other Administrator users that are signed in with the default Administrator credentials.

2. If the Low-bandwidth mode checkbox appears, you may choose to run in Low-bandwidth mode.
   1. Mark the box if you want to run in Low-bandwidth mode.
   2. Leave the box unmarked if you want to run in WebRTC mode.

If the checkbox does not appear, you will run in Low-bandwidth mode by default (because the browser you are using does not currently support WebRTC mode).

3. Mark the I have read and accept… checkbox to acknowledge that you accept the terms of the access agreement. (You may not see this checkbox.)
4. Press Sign In. (You will remain signed in for approximately 30 days.)

Sign In with Google

With this method, you will be able to sign into Orchid Hybrid/Fusion VMS using your existing Google credentials (eliminating the need for yet another password). On Fusion systems, this requires that your system administrator has enabled Google Authentication, and an Orchid Fusion VMS user is linked to your Google account. (For more details, please refer to the Orchid Fusion VMS Installation Guide.) On Hybrid systems, this requires that IPConfigure has enabled Google authentication, and an Orchid Hybrid VMS user is linked to your Google account.

1. If the Low-bandwidth mode checkbox appears, you may choose to run in Low-bandwidth mode.
   1. Mark the box if you want to run in Low-bandwidth mode.
   2. Leave the box unmarked if you want to run in WebRTC mode.

If the checkbox does not appear, you will run in Low-bandwidth mode by default (because the browser you are using does not currently support WebRTC mode).

2. Mark the I have read and accept… checkbox to acknowledge that you accept the terms of the access agreement. (You may not see this checkbox.)
3. Press the Sign In With Google button.
4. A Google sign in screen will appear. Select the Google account that you associate with Orchid Hybrid/Fusion VMS.
   1. If you are already signed into the selected Google account, Orchid Hybrid/Fusion VMS will open. (You will remain signed in for approximately 30 days.)
   2. If you are not already signed into Google, enter your password and press the Next button. Orchid Hybrid/Fusion VMS will open. (You will remain signed in for approximately 30 days.)

Sign In with Active Directory

With this method, you will be able to sign into Orchid Hybrid/Fusion VMS using your existing Active Directory credentials. This requires some configuration which should be performed by the Orchid Fusion VMS Administrator, or by IPConfigure (for Hybrid systems). (For more details, please refer to the Orchid Fusion VMS Installation Guide.)

1. Enter your username using the email style notation <userid>@<domain> (like john.smith@ipconfigure.com).
2. Enter your password.
3. If the Low-bandwidth mode checkbox appears, you may choose to run in Low-bandwidth mode.
   1. Mark the box if you want to run in Low-bandwidth mode.
   2. Leave the box unmarked if you want to run in WebRTC mode.

If the checkbox does not appear, you will run in Low-bandwidth mode by default (because the browser you are using does not currently support WebRTC mode).

4. Mark the I have read and accept… checkbox to acknowledge that you accept the terms of the access agreement. (You may not see this checkbox.)
5. Press the Sign In button. Orchid Hybrid/Fusion VMS will open. (You will remain signed in for approximately 30 days.)

Sign In with Microsoft Entra ID/Azure A-D

With this method, you will be able to sign into Orchid Hybrid/Fusion VMS using your existing Microsoft Entra ID/Azure A-D credentials. This requires some configuration which should be performed by the Orchid Fusion VMS Administrator, or by IPConfigure (for Hybrid systems). (For more details, please refer to the Orchid Fusion VMS Installation Guide.)

1. If the Low-bandwidth mode checkbox appears, you may choose to run in Low-bandwidth mode.
   1. Mark the box if you want to run in Low-bandwidth mode.
   2. Leave the box unmarked if you want to run in WebRTC mode.

If the checkbox does not appear, you will run in Low-bandwidth mode by default (because the browser you are using does not currently support WebRTC mode).

2. Mark the I have read and accept… checkbox to acknowledge that you accept the terms of the access agreement. (You may not see this checkbox.)
3. Press the Sign In With Azure button.
4. A Microsoft sign in screen will appear. Click on the Microsoft Entra ID/Azure account that you associate with Orchid Hybrid/Fusion VMS. Orchid Hybrid/Fusion VMS will open. (You will remain signed in for approximately 30 days.)

Sign In with FreeIPA

With this method, you will be able to sign into Orchid Hybrid/Fusion VMS using your existing FreeIPA credentials. This requires some configuration which should be performed by the Orchid Fusion VMS Administrator, or by IPConfigure (for Hybrid systems). (For more details, please refer to the Orchid Fusion VMS Installation Guide.)

1. Enter your username using the email style notation <userid>@<domain> (like john.smith@ipconfigure.com).
2. Enter your password.
3. If the Low-bandwidth mode checkbox appears, you may choose to run in Low-bandwidth mode.
   1. Mark the box if you want to run in Low-bandwidth mode.
   2. Leave the box unmarked if you want to run in WebRTC mode.

If the checkbox does not appear, you will run in Low-bandwidth mode by default (because the browser you are using does not currently support WebRTC mode).

4. Mark the I have read and accept… checkbox to acknowledge that you accept the terms of the access agreement. (You may not see this checkbox.)
5. Press Sign In. Orchid Hybrid/Fusion VMS will open. (You will remain signed in for approximately 30 days.)

Sign In with SAML

With this method, you will be able to sign into Orchid Hybrid/Fusion VMS using your existing Single Sign-On credentials. This requires that your system administrator has configured the Fusion system to work with SAML, and that at least one Identity Provider (IdP) has been set up. (For more details, please refer to the Orchid Fusion VMS Installation Guide.) Remember, on Hybrid systems, you will need to contact IPConfigure Support for help configuring the system for SAML.

In the example below, users will be able to sign into the system using the standard sign-in method, or with Google (via SAML).

1. If the Low-bandwidth mode checkbox appears, you may choose to run in Low-bandwidth mode.
   1. Mark the box if you want to run in Low-bandwidth mode.
   2. Leave the box unmarked if you want to run in WebRTC mode.

If the checkbox does not appear, you will run in Low-bandwidth mode by default (because the browser you are using does not support other operating modes).

2. Mark the I have read and accept… checkbox to acknowledge that you accept the terms of the access agreement. (You may not see this checkbox.)
3. Press the SAML button that corresponds to your Single Sign-On credentials.
   1. If you are already signed into the selected external account, Orchid Hybrid/Fusion VMS will open. (You will remain signed in for approximately 30 days.)
   2. If you are not already signed into your external account, enter your credentials and press the Next button. Orchid Hybrid/Fusion VMS will open. (You will remain signed in for approximately 30 days.)