Hi,

I’m trying to find a way to use the wowza cdn service with securetokens while at the same time making sure an authenticated (on our side) viewer can’t share their credentials and connect multiple times. Using our local wowza server this is easy since we can access the connected viewers and are able to track when a user has disconnected. Is there a way to do this with the cdn service? Such as an api to access all the current connected users and we could filter by token or perhaps a way to callback to our system when a token disconnects?

@Daniel Daley. The CDN will validate the hash based on the secret you provide. You still need to generate the query parameters for viewers. Examples are provided on the article page below:

https://www.wowza.com/docs/how-to-protect-a-wowza-cdn-stream-target-with-token-authorization-in-wowza-streaming-cloud

With token auth, you can create custom parameters down to an ip address, set specific windows, etc to tighten the access and restrict outside viewers. You can set it up to only allow certain IP addresses to have access for a certain length of time.

I hope this helps.

In the doc I linked above, at the bottom of the article, you can download some very specific parameter examples to decrease the chance of unrestricted viewers getting access.

I did see all the parameters. But in a real scenario where say a user has access to content for a 24hr period they are likely to stop watching and come back multiple times possibly from multiple ips. In that case the token must be regenerated and a new link provided. Unless there’s a way to determine if the person has stopped watching the token isn’t really effective at all in preventing shared access. Would you have any other ideas of how to do that with the cdn service?

Let me ask for you @Daniel Daley, I understand what you’re saying.