Configuring Pexip Infinity for Pexip Justice

This section explains how to configure Pexip Infinity for Pexip Justice, certificate and network considerations, and other requirements. These steps must be completed before you proceed to Pexip Justice installation.

Installing Pexip Infinity

You need to perform a basic installation and configuration of Pexip Infinity. Any of Pexip Infinity's deployment models may be used (on-premises, cloud-hosted etc). See Installation overview for more information.

Your Pexip Infinity platform does not have to be dedicated to Pexip Justice — it can be used for other conferencing scenarios (subject to call capacity etc).

You must be using Pexip Infinity version 35 or later.

A configuration change is required on Pexip Infinity v37 deployments or earlier integrating with Pexip Secure Meetings for Justice (any version). Please contact your Pexip authorized support representative for more information.

Network and firewall requirements

  • You must have one or more publicly-reachable Conferencing Nodes.
  • Ensure that you have permitted an HTTPS, port 443 connection from the Pexip InfinityConferencing Nodes to the Pexip Justice external policy server.

License requirements

Ensure that you have sufficient concurrent licenses (port) available (Platform > Licenses) so that you have enough capacity to support the number of hearings and participants that will be joining. See Licenses for more information.

Configuring global settings

From the Pexip Infinity Administrator interface, go to Platform > Global settings and review and modify the settings where required.

Ensure that you select Enable Breakout Rooms in Breakout Rooms.

See Global Settings for more information.

Theme

Ensure that you create a suitable theme for your Pexip Justice interactions.

Configuring Call Routing Rules

You must configure at least one Call Routing Rule to route calls within your deployment:

  • If SIP dial-out is required, a mandatory general call rule: to route outgoing calls from a conference to a permitted SIP domain.
  • An optional streaming/recording rule: to support streaming/recording that is initiated via the plugin.
  • An optional streaming/recording rule: to route outgoing calls from a conference to any other permitted RTMP streaming platform that is initiated via the Add participant option within the web app.

To configure your Call Routing Rules:

  1. Go to Services > Call routing and select Add Call Routing Rule.

  2. The following table shows the fields to configure for your Call Routing Rules:

    (Leave all other fields with default values or as required for your specific deployment.)

    Option General call rule (mandatory) Plugin-initiated streaming/recording rule (optional) "Add participant"-initiated streaming/recording rule (optional)
    Name The name of the rule, e.g. "Justice participant". The name of the rule, e.g. "Justice stream via plugin". The name of the rule, e.g. "Justice stream via add participant".
    Priority

    Assign the priority for this rule. If you have other Call Routing Rules for other conferencing purposes you must ensure that an appropriate priority is set, in accordance with the Destination alias regex match settings of all of your rules, to ensure that these rules are applied for Pexip Justice calls.

    If you are specifying a plugin-initiated streaming/recording rule then set this to a higher priority (lower number) than any other rule that can match "rtmps://courts-core.stream/[0-4]".
    Incoming gateway calls Leave unselected for all rules.
    Outgoing calls from a conference Ensure this option is selected for all rules.
    Calls being handled in location Typically you can select Any Location for all rules.
    Match against full alias URI Leave unselected. Select this option. Select this option.
    Destination alias regex match

    Enter a regular expression to match the calls to send to a session. For example:

    (.*)@pexample.com

    Use the following regular expression:

    rtmps://courts-core.stream/[0-4]

    You can use the following regular expression:

    rtmps?://(.*)

    however you may want to refine the regex for your specific recording/streaming solution.
    Destination alias regex replace string Leave this field blank for all rules.
    Call capability Select Main video + presentation for all rules.
    Maximum call quality Typically you can select Use global setting for all rules.
    Media encryption Typically you can select Use global setting for all rules.
    Theme Select the theme you created for your Pexip Justice interactions for all rules.
    Call target Select Registered device or external system for all rules.
    Outgoing location Choose a location used by the external policy server for all rules.
    Protocol Select SIP. Select RTMP (streaming). Select RTMP (streaming).
    SIP Proxy Select Use DNS for all rules.
  3. Select Save.
  4. Repeat the above steps adding your second and subsequent rules as appropriate.

Authentication

For detailed information about managing administrator access via OIDC to the Pexip Infinity Administrator interface, go here.

The following instructions are an example for setting up Azure as an OIDC provider for your Pexip Infinity and Pexip Justice deployment. If you wish to use a different Identity Provider, contact your Pexip authorized support representative. Authentication for the Pexip Justice portal is configured separately after installation of the Pexip Justice application.

  1. Log in to the Azure portal and select Microsoft Entra ID. From the panel on the left select App registrations and then select New registration:

  2. On the Register an application page:

    • Enter an appropriate Name

    • In the Redirect URI section, from the drop-down options select Web and enter a redirect URI in the format https://<scheduler-FQDN>/oidc/authenticate where scheduler-FQDN is the FQDN of the Pexip Justice scheduling portal.

    • Select Register:

  3. Note the Application (client) ID. You must enter this as the Client ID when configuring Pexip Infinity:

  4. Select the Endpoints tab, and copy the OpenID Connect metadata document (this ends in openid-configuration). You must enter this as the Metadata URL when configuring Pexip Infinity:

  5. From the panel on the left, select Authentication and scroll down to Implicit grant and hybrid flows. Select ID tokens and then select Save:

  6. From the panel on the left, select Token configuration. Select Add groups claim, select All groups..., and then select Add:

  7. From the panel on the left, select Certificates & secrets. Select New client secret, complete the fields, and then select Add:

  8. Before you navigate away from the page you must copy the string in the Value field (do not copy the string in the Secret ID field). You must enter this as the Client Secret when configuring Pexip Infinity:

For further information about configuring administrator access via OIDC to the Pexip Infinity Administrator interface, go here.