Secure video playback
You can set a playback policy for a livestream to secure video playback.
Your playback policy can be either:
public
- No access control is applied to the assetjwt
- A JSON Web Token (JWT) is required to playback the asset
If you set your stream's playback policy to JWT, you will need to sign a token with a signing key and put it in the playback URL to be able to playback your stream.
Step 1: Create a livestream with a signed playback policy
Create a livestream with a signed playback policy. The playback policy can be specified when creating a new live stream, or can be added to an existing live stream.
Step 2: Create a signing key
A signing key is used to sign JWTs and are necessary to make a stream private. You can find more information about the response object here.
The privateKey
field generated by this request is available only
on creation and cannot be retrieved later.
- JavaScript
const response = await fetch(
"https://livepeer.studio/api/access-control/signing-key",
{
method: "POST",
headers: {
Authorization: `Bearer ${process.env.API_TOKEN}`,
"Content-Type": "application/json",
}
}
);
const responseObject = await response.json();
Step 3: Sign the JWT
After setting up your livestream and signing key, you will need to sign the JWT so you can use it.
- JavaScript
// use the signAccessJwt export from `livepeer` in Node.JS
import { signAccessJwt } from 'livepeer/crypto';
const accessControlPrivateKey = process.env.ACCESS_CONTROL_PRIVATE_KEY;
const accessControlPublicKey =
process.env.NEXT_PUBLIC_ACCESS_CONTROL_PUBLIC_KEY;
const handler = async () => {
// we sign the JWT and return it to the user
const token = await signAccessJwt({
privateKey: accessControlPrivateKey,
publicKey: accessControlPublicKey,
issuer: 'https://livepeerjs.org',
// playback ID to include in the JWT
playbackId: playbackId,
// expire the JWT in 1 hour
expiration: '1h',
// custom metadata to include
custom: {
userId: 'user-id-1',
},
});
return token
}
Step 4: Include the JSON Web Token (JWT) in the media URL
Your livestream is now privately secured! To playback a JWT secured video,
you will need to add the token to your URL as such:
https://livepeercdn.com/hls/4be03pfwk16x18ve/index.m3u8?jwt=$JWT_TOKEN