Signed Streaming URLs
It is possible to sign the URLs used for streaming. This page describes the format used for signing URLs. The new signing method works the same way for each type of streaming URL usable by the platform.
Streaming URLs must be signed by a specific user. The user that signs the streaming URL must have sufficient rights to play the item being signed: they must have the item-play token in the account to which the item belongs. The Pre-Shared Key of this user must be used to sign the URL.
The user ID, their PSK and a UNIX timestamp are required to sign a streaming URL. A signed URL is valid until the given timestamp. There is no lower limit on the timestamp, i.e. it is allowed to watch the item at any moment before the given timestamp. This allows the party signing the requests to take into account that users might seek in an item without invalidating the signature.
To calculate the signature of a URL, first add the user ID of the user signing the URL and the wanted timestamp as GET parameters to the URL (without the protocol or server). The user ID should be added as the signuser parameter and the timestamp should be added as the signts parameter. When this path is known, calculate the signature by using HMAC-SHA1, similar to signing requests for API version 3. The filename (i.e. everything starting from the last /) should be removed from the path before calculating the signature. Append the resulting signature as a GET-parameter called signature.
Note that the URL query parameters (including the signature) should be encoded according to RFC 3986 before signing. This means that only alphanumeric characters and the characters “-”, “.”, “_”, “~” and “%” can occur in the query parameters (and of course the “=” to separate query keys and values and the “&” to separate query parameters). For PHP this means that one should use rawurlencode and not urlencode, as the latter also encodes the tilde and uses + for spaces instead of %20.
Note that the signature is validated every time a new request is made to the streaming server. When this happens depends on the streaming method used, but the system guarantees that users will be able to watch the object at least as long as the signature is valid. After the signature has expired, new requests are not allowed, but end-users might still watch locally cached data.
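The following added example (not part of the original documentation and not the platform's own code) follows the steps above and adds a matching check of the kind a server could perform on each request. It assumes that the signed string is the path without its filename followed by "?" and the query, and that the HMAC-SHA1 digest is base64-encoded, since the page does not spell out either detail; the filename, user ID and PSK are constructed sample values.

```python
import base64
import hashlib
import hmac
import time
from urllib.parse import parse_qsl, quote, urlsplit

# Constructed sample values; only the directory part of PATH comes from the page.
PATH = "/hls/account=eq4tv-eRNBkQ/item=6hxkvIqDfoI0/stream.m3u8"
USER, PSK = "exampleuser", "constructed-psk"

def _q(value):
    # RFC 3986 encoding: only unreserved characters stay literal (PHP rawurlencode).
    return quote(str(value), safe="-._~")

def _signature(psk, dir_path, query):
    # Assumption: signed string is "<path without filename>?<query>" and the
    # HMAC-SHA1 digest is base64-encoded before being percent-encoded.
    mac = hmac.new(psk.encode(), f"{dir_path}?{query}".encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def sign_stream_path(path, user_id, psk, expires):
    dir_path = path.rsplit("/", 1)[0]  # drop everything from the last "/"
    query = f"signuser={_q(user_id)}&signts={int(expires)}"
    return f"{path}?{query}&signature={_q(_signature(psk, dir_path, query))}"

def verify_stream_path(signed, psk_lookup, now=None):
    # Recompute the signature from the request; the filename is excluded, so
    # other files under the same signed directory path verify as well.
    parts = urlsplit(signed)
    params = dict(parse_qsl(parts.query))
    try:
        user, ts, sig = params["signuser"], int(params["signts"]), params["signature"]
    except (KeyError, ValueError):
        return False
    psk = psk_lookup(user)
    now = time.time() if now is None else now
    if psk is None or now > ts:  # unknown signer or expired timestamp
        return False
    query = f"signuser={_q(user)}&signts={ts}"
    expected = _signature(psk, parts.path.rsplit("/", 1)[0], query)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), sig.encode())
```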
For example, consider the following request to stream an adaptive HLS URL:
| Path without last part: | /hls/account=eq4tv-eRNBkQ/item=6hxkvIqDfoI0 |
First, the URL with the preliminary signuser and signts parameters is constructed. This results in:
This URL is signed with HMAC-SHA1 using the user PSK, resulting in the following signed path: