Token authentication helps to protect CDN streams from being snitched. Similar to HTTP URL signing, this feature allows customers to enter a secret key during setting up a CDN resource. Then, customer can use secret key, along with expiry date and allowed/blocked referrer site to generate the token from a script.
To enable token authentication:
- Enter your secret key and secure path using OnApp UI.
- Download .NET or Java token generator.
Generate the token with the secret key, allow referrer, deny referrer, expiry date, and allow IP.
For more information, refer to the readme file on the token generator. Missing can be applied to the allow referrer if the HTTP referrer is missing from the browser to the video player. In some cases, the referrer header the video player sent to the edge server is the JS script domain instead of the website domain.
- Append the token with your stream URL, eg ?token= 110ea31ac69c09a2db0bdd74238843631cdab498ff7e6e75cbd99cc4d05426ab679a57015d4e48438c97b921652daec62de3829f8ff437e27449cfdfc2f1e5d9fc47f14e91a51ea7
- Embed with your website.