Documentation

Authorization tokens have several key arguments that you would use, so we have decided to keep the section dedicated to them only.

These arguments are as follows:

  1. expiration_date
  2. usage_expiration_time
  3. session_limit
  4. grants

expiration_date

This is optional parameter that you can use to set on which date the authorization token should expire.

usage_expiration_time

For how many seconds do you want the session to exist for?

session_limit

This is another optional parameter. It determines how many sessions can be created using the same token.

What is a session?

Session is created upon each opening or refresh of the page, however if you grab the link when it is created, and use it, that same link will not use the session limitation. What this means is if you get 1 link and save it. Even if you were to open it 10 times, it would still seem as if it was used only once - so it would never expire because of it (unless combined by other parameter such as usage_expiration_time.

grants

Unlike the other parameters, this one is always required since it is the one that determines what the authorization token is for and how it would behave.

As such it has its own sub arguments and resources that you would use and for that reason this is associative array.

Grants arguments

  1. read
    • Grant reading on certain resources (optional)
  2. destroy
    • Grant deleting certain resources (optional)
  3. create
    • Grant video creation (optional)
  4. update
    • Grant rerecording of certain resources (optional)

Each of them (read, destroy, create and update) have their own arguments to allow you to fine tune the authorization tokens to your liking.

They are as follows:

  • resources
    • Explicit array holding strings of video tokens (optional).
    • These tokens tell us on which video(s) do we want to apply the action. Due to the same the token would only be available for that specific list of videos and for the specific action(s) set.
  • session_owned
    • When this boolean (true or false) argument is set to true, it will allow access to all video objects (videos and its/theirs streams) created during the same session (optional).
  • all
    • gives access to all video resources.
    • Boolean value attribute (can be true or false), also optional.

There are also few other arguments that you can or would use.

These arguments are as follows:

  1. volatile
  2. token
  3. nonce
  4. hidden

volatile

Determines if this auth token object would be deleted or not if it was to remain empty. What this means is that you could create empty authorization tokens. Usually you would not need them since they do not do anything and this allows you to keep them deleted if so.

token

This is server-sde token identifier. The reason why it is called server-side is because it is created on our server and you add it to your embedding when needed, or it is created on your own server, and used after communicating about it with our server.

nonce

This is client-side token identifier. The reason why it is called client-side is because it is created on your own server without communicating with our servers. For that reason it is considered client side token. Event though it was not communicated to our servers, it is still possible for us to know that it is OK and allow you to use it.

hidden

When token is set to be hidden, you can not use it within the embedding directly.