Gotipath Stream provides a powerful CDN token authentication system to strictly control who, where and for how long can access your videos or live stream.
This guide contains the documentation on how to enable, configure and generate the tokens to securely access your content.
What is CDN token authentication?
First of all, what is token authentication? In short, if enabled, token authentication will block all requests to your URLs unless a valid token is passed with the request. The token is then compared on our server and we check if both values match. If the hash we generate matches the one sent by the request, then the request is accepted, otherwise, a 403 page is returned.
The token can then either be put in as a query parameter or used as part of the URL path. The path version is useful for situations such as video delivery.
This section contains instructions on generating and formatting the unique tokens and using those to sign an URL. Check out our code examples and helper functions for popular programming languages, allowing you to sign a URL with a simple function call.
Gotipath Stream provides Multi CDN by default so we need to make sure the security is maintained with all our CDN providers. Let’s dive into how we can sign an URL. Once we enable token security, all content will be inaccessible by the CDN domain, we have to follow a specific rule to access the contents.
Requirements:
Take the resource path from the url. You will have “/path/to/resource"
Generate a string using following “%s%s %s” format.
Transform the string into a MD5 hash.
Add two extra query parameter into the url “md5” and “expires”. The value of “md5” is the generated md5 hash from above process, and the value of “expires” is the end time in unix value. You will have something like “https://cdn.example.com/path/to/resource?clientId=12345&product=A123&other=xyz&md5=DMF1ucDxtHCxwYQ&expires=214
7483647″
💡
Behavior: An end-user who attempts to access prohibited content will receive a ”Forbidden” message (HTTP response code 403) from their browser. Sometimes user device’s time settings may occur an issue. To solve this you may set 10 seconds time at stime
NOTE
Make sure our CDN providers can access the content on your origin server regardless of whether a key/token is present or not.And the date time of the device where the url is generated is correct.