Single Server Proof of Concept Setup. This guide walks you through configuring your WebStream PoC server and explains each section of the admin panel.
Follow these steps in order to get your PoC server streaming applications.
Get streaming in minutes using the pre-configured defaults.
RDP to your server and open http://localhost:9008/admin/ in the browser.
Default credentials: admin / webstream
The admin panel is only accessible from the server itself via HTTP. It is the central management interface for all WebStream configuration.
WebStream Core is free but requires a licence to be requested and activated. Use the admin panel to request your free Core licence — it takes seconds and unlocks all Core capabilities.
Without a valid licence, streamers cannot start and sessions will not launch.
Manage LicenceChange the default admin password immediately. Navigate to Users, select the admin user, and update the password.
The default credentials are publicly documented. Changing the password is essential to secure your server.
A default Desktop(Admin) workspace is already configured with full-trust access and assigned to the built-in everyone group. Open a browser on any device and navigate to https://<your-server-ip>/. Log in with your admin credentials to launch the pre-built remote desktop.
Validates the entire stack end-to-end: authentication, licence, session allocation, streaming, and display — with zero additional configuration.
Customise policies, publish applications, and create user workspaces.
The system bootstraps with a Default Organization, four built-in policy sets (notrust, lowtrust, fulltrust, disposable), two built-in groups (everyone and webstream_administrators), and the Desktop(Admin) workspace.
The organisation's default policy is notrust (most restrictive). For a PoC, clone the lowtrust or fulltrust policy and customise it to match your requirements.
Policies control clipboard access, file system trust levels, printing, network isolation, child process rules, dialog control, session isolation, session timeouts, recording, desktop resolution, and resource limits.
Understanding the defaults avoids duplicate work. Cloning a policy lets you tailor security and session settings without modifying the built-in templates.
Navigate to Applications > Add. Use a built-in preset (Notepad, Paint, WordPad, Explorer, PowerShell) or specify a custom executable path.
Key fields: Name, Executable Path, Arguments, Icon Path, Status (Active), Published.
Applications are the Windows executables streamed to users' browsers. At least one published application is required for App Collection workspaces.
Navigate to Workspaces > Add. Choose a type: App Collection (grouped apps), Virtual Desktop (full desktop), or Remote Desktop.
Assign your published applications to the workspace and select a policy set.
Workspaces define what users see when they log in—either a collection of app icons or a full desktop experience.
Navigate to Users > Add to create a test user (username, display name, email). Then go to Groups to add the user to a group.
Assign workspaces to the group. The built-in everyone group already has access to the default workspace, or create a new group for more granular control.
Users authenticate and launch sessions. Groups are the entitlement mechanism—they link users to the workspaces and applications they can access.
Every section of the admin panel explained.
System overview showing licence status, entity counts (orgs, users, groups, apps, workspaces, policies), and recent activity audit log.
Top-level tenants. Each org has its own users, groups, apps, and workspaces.
Individual user accounts that authenticate and run streaming sessions.
Collections of users used for entitlement assignment. Assign workspaces, applications, and policies to groups rather than individual users.
Diagnostic view: select a user and see their effective groups, workspaces, applications, and policies. Useful for verifying access is configured correctly.
Published Windows executables that can be streamed to users' browsers.
Logical containers that present apps to users when they log in.
Security and resource policy sets that define the session envelope.
Operational monitoring for live sessions and infrastructure.
Compliance, security, and audit reporting.
Session recording playback, download, and management. Only relevant if recording is enabled in policy or system settings.
Multi-server infrastructure management. Not required for single-server PoC.
Global system configuration.
Licence management and entitlement visibility.