Skip to content

URL Tokenization and ContentId API

What is URL Tokenization?

For security and privacy reasons, some web servers employ a tokenization system that blocks requests unless a specific token is provided. This token can be a general token attached to the specified resource (such as a video segment) or a user-specific (session) token. The token is encrypted and will usually contain an expiry date. While a general token might prevent direct access to the resource, a session token will prevent access to the resource outside the context of your site. The token might validate that the user requesting the stream has the same IP, User-Agent, JS generated hash and other user specific info.

Examples

Generic Token

A common implementation for a generic token might look like this:

1
2
3
http://example.com/hls/playlist.m3u8?token=4180da90a6973bc8bd801bfe49f04a&expiry=1526231040535

http://example.com/hls/segment001.ts?token=4180da90a6973bc8bd801bfe49f04a&expiry=1526231040535

And so trying to get http://example.com/hls/segment001.ts will result in 403 or other error status.

Session Token Examples

Peer5 URL Tokenization support

Like standard http CDNs, Peer5 uses the resource's URL as identifier for the cached object. When URL tokenization is used, different users will have different urls for the same resource. Peer5 client generates a unique ID for each shared resource (i.e. video segment) so it can identify that different URLs point to the same resource. This is done by using an in-place replacing mechanism. This makes the Peer5 client capable of sharing resources across multiple users (with multiple session tokens).

To be able to identify each resource uniquely by its URL, Peer5 parses the server’s URL by using a URL scheme. Since each tokenization method has its own URL scheme, every such scheme must be implemented. We have implemented out-of-the-box solutions for many popular media providers not limited to:

  • Wowza
  • Akamai
  • Google-meet
  • Azure
  • Kaltura
  • Cloudfront

In case your URL tokenization scheme is not supported, you can implement it yourself using the Peer5 ContentID API or you can Chat with us directly, and we’ll configure the content identification for you.

ContentID API

ContentID API is a way for you to configure and customize the Peer5 content identification.

ContentID API is called using the .configure() API call.

contentIdReplacer

This method allows you to add a js function that will parse the url and return the digested url without the session token (or with session token replaced).

1
2
3
4
5
6
window.peer5 
&& peer5.configure({
 contentIdReplacer: function replacer(url) {
   return url.replace(/\d.*\d/, 'abcdefg');
 }
});

The following is an example of the client behaviour with this contentIdReplacer configured

1
2
3
4
5
<!-- URL to be replaced -->
http://example.com/hls/1sometoken2/segment001.ts

<!-- Resulting URL -->
http://example.com/hls/abcdefg/segment001.ts