Skip to main content

Stream url tokens

To secure the link to your media we have developed a token system. You can calculate a hash using a secret token you can find in de API menu in the Jet-Stream platform interface.

By keeping your secure token private you will be the only one that can hand out player or media URL's to your viewers, preventing deeplinking and other unauthorized use.

Code examples#

import MD5 from "crypto-js/md5";
function calculateToken(filename, secret_token) {
let timestamp = Math.floor(Date.now() / 1000);
let raw_hash = MD5(timestamp.toString() + filename + secret_token);
return timestamp.toString(16) + "|" + raw_hash.toString();
}

You can copy the examples right into your own codebase. Please make sure you don't expose the secure token in public. Like when checking your sourcecode in to Git.

Interactive code example#

This code example runs local in the browser. It is safe to use this to double check your implementation using your own secret token.

The provided example is in React because we use Docusaurus as our documentation tool.

Live Editor
Result
SyntaxError: Unexpected token (1:8)
1 : return ()
            ^

Check your implementation#

You can actually use the above code sample to check the tokens you have generated yourself.

The input fields in the example are actually working, so if you enter your own parameters it will update the result section.

Token validity#

The token you generate will be valid for 5 minutes. If you need a longer validity, lets say, 10 minutes, you can generate the timestamp with an additional 600 seconds. Our platform will validate the token since it is not more than 5 minutes (300 seconds) in the past.

import MD5 from "crypto-js/md5";
function calculateToken(filename, secret_token) {
let timestamp = Math.floor(Date.now() / 1000);
// Adding the 10 minutes
timestamp = timestamp + (10 * 60);
let raw_hash = MD5(timestamp.toString() + filename + secret_token);
return timestamp.toString(16) + "|" + raw_hash.toString();
}