Skip to main content

Secure video playback

You can set a playback policy for a livestream to secure video playback.

Your playback policy can be either:

  • public - No access control is applied to the asset
  • jwt - A JSON Web Token (JWT) is required to playback the asset

If you set your stream's playback policy to JWT, you will need to sign a token with a signing key and put it in the playback URL to be able to playback your stream.

Step 1: Create a livestream with a signed playback policy

Create a livestream with a signed playback policy. The playback policy can be specified when creating a new live stream, or can be added to an existing live stream.

Step 2: Create a signing key

A signing key is used to sign JWTs and are necessary to make a stream private. You can find more information about the response object here.

caution

The privateKey field generated by this request is available only on creation and cannot be retrieved later.

const response = await fetch(
  "https://livepeer.studio/api/access-control/signing-key",
  {
    method: "POST",
    headers: {
      Authorization: `Bearer ${process.env.API_TOKEN}`,
      "Content-Type": "application/json",
    }
  }
);

const responseObject = await response.json();

Step 3: Sign the JWT

After setting up your livestream and signing key, you will need to sign the JWT so you can use it.

// use the signAccessJwt export from `livepeer` in Node.JS
import { signAccessJwt } from 'livepeer/crypto';

const accessControlPrivateKey = process.env.ACCESS_CONTROL_PRIVATE_KEY;
const accessControlPublicKey =
  process.env.NEXT_PUBLIC_ACCESS_CONTROL_PUBLIC_KEY;
 
const handler = async () => {
  // we sign the JWT and return it to the user
  const token = await signAccessJwt({
    privateKey: accessControlPrivateKey,
    publicKey: accessControlPublicKey,
    issuer: 'https://livepeerjs.org',
    // playback ID to include in the JWT
    playbackId: playbackId,
    // expire the JWT in 1 hour
    expiration: '1h',
    // custom metadata to include
    custom: {
      userId: 'user-id-1',
    },
  });

  return token
}

Step 4: Include the JSON Web Token (JWT) in the media URL

Your livestream is now privately secured! To playback a JWT secured video, you will need to add the token to your URL as such: https://livepeercdn.com/hls/4be03pfwk16x18ve/index.m3u8?jwt=$JWT_TOKEN