segmentedContentProtection


Validates authorization tokens at the edge server to prevent unauthorized link sharing.

OptionTypeDescriptionRequires
enabledboolean

Enables the segmented content protection behavior.

{"displayType":"boolean","tag":"input","type":"checkbox"}
keyobject array

Specifies the encryption key to use as a shared secret to validate tokens.

{"displayType":"object array","tag":"input","todo":true}
{"if":{"attribute":"enabled","op":"eq","value":true}}
use‚ÄčAdvancedboolean

Allows you to specify advanced transition‚ÄčKey and salt options.

{"displayType":"boolean","tag":"input","type":"checkbox"}
{"if":{"attribute":"enabled","op":"eq","value":true}}
transition‚ÄčKeyobject array

An alternate encryption key to match along with the key field, allowing you to rotate keys with no down time.

use‚ÄčAdvanced is true
{"displayType":"object array","tag":"input","todo":true}
{"if":{"attribute":"useAdvanced","op":"eq","value":true}}
saltobject array

Specifies a salt as input into the token for added security. This value needs to match the salt used in the token generation code.

use‚ÄčAdvanced is true
{"displayType":"object array","tag":"input","todo":true}
{"if":{"attribute":"useAdvanced","op":"eq","value":true}}
header‚ÄčFor‚ÄčSaltstring array

This allows you to include additional salt properties specific to each end user to strengthen the relationship between the session token and playback session. This specifies the set of request headers whose values generate the salt value, typically User-Agent, X-Playback-Session-Id, and Origin. Any specified header needs to appear in the player's request.

use‚ÄčAdvanced is true
{"displayType":"string array","tag":"input","todo":true}
{"if":{"attribute":"useAdvanced","op":"eq","value":true}}
session‚ÄčIdboolean

Enabling this option carries the session_id value from the access token over to the session token, for use in tracking and counting unique playback sessions.

use‚ÄčAdvanced is true
{"displayType":"boolean","tag":"input","type":"checkbox"}
{"if":{"attribute":"useAdvanced","op":"eq","value":true}}
data‚ÄčPayloadboolean

Enabling this option carries the data/payload field from the access token over to the session token, allowing access to opaque data for log analysis for a URL protected by a session token.

use‚ÄčAdvanced is true
{"displayType":"boolean","tag":"input","type":"checkbox"}
{"if":{"attribute":"useAdvanced","op":"eq","value":true}}
ipboolean

Enabling this restricts content access to a specific IP address, only appropriate if it does not change during the playback session.

use‚ÄčAdvanced is true
{"displayType":"boolean","tag":"input","type":"checkbox"}
{"if":{"attribute":"useAdvanced","op":"eq","value":true}}
aclboolean

Enabling this option carries the ACL field from the access token over to the session token, to limit the requesting client's access to the specific URL or path set in the ACL field. Playback may fail if the base path of the master playlist (and variant playlist, plus segments) varies from that of the ACL field.

use‚ÄčAdvanced is true
{"displayType":"boolean","tag":"input","type":"checkbox"}
{"if":{"attribute":"useAdvanced","op":"eq","value":true}}
enable‚ÄčToken‚ÄčIn‚ÄčURIboolean

When enabled, passes tokens in HLS variant manifest URLs and HLS segment URLs, as an alternative to cookies.

{"displayType":"boolean","tag":"input","type":"checkbox"}
{"if":{"attribute":"enabled","op":"eq","value":true}}
hls‚ÄčMaster‚ÄčManifest‚ÄčFilesstring array

Specifies the set of filenames that form HLS master manifest URLs. You can use * wildcard character that matches zero or more characters. Make sure to specify master manifest filenames uniquely, to distinguish them from variant manifest files.

enable‚ÄčToken‚ÄčIn‚ÄčURI is true
{"displayType":"string array","tag":"input","todo":true}
{"if":{"attribute":"enableTokenInURI","op":"eq","value":true}}
token‚ÄčRevocation‚ÄčEnabledboolean

Enable this to deny requests from playback URLs that contain a Token‚ÄčAuth token that uses specific token identifiers.

{"displayType":"boolean","tag":"input","type":"checkbox"}
{"if":{"op":"and","params":[{"attribute":"enabled","op":"eq","value":true},{"attribute":"modulesOnContract","op":"contains","scope":"global","value":"AccessRevocation"}]}}
revoked‚ÄčList‚ÄčIdstring

Identifies the Token‚ÄčAuth tokens to block from accessing your content.

token‚ÄčRevocation‚ÄčEnabled is true
{"displayType":"string","tag":"input","type":"text"}
{"if":{"attribute":"tokenRevocationEnabled","op":"eq","value":true}}
hls‚ÄčMedia‚ÄčEncryptionboolean

Enables HLS Segment Encryption.

{"displayType":"boolean","tag":"input","type":"checkbox"}
dash‚ÄčMedia‚ÄčEncryptionboolean

Whether to enable DASH Media Encryption.

{"displayType":"boolean","tag":"input","type":"checkbox"}