Controlling Playback with the Ooyala Player Token

You can authorize playback using the Ooyala Player Token. (Available only if your Ooyala account includes this functionality. To enable Ooyala Player Token, contact your account manager.)

Limiting playback exclusively to authorized users and exclusively on your page requires the communication of the token request URL to the player, so that the player can utilize this URL throughout authorization. This is accomplished with the following steps:
Note: If the URL is not valid, it will display an error message. For more information about the error, see the "Error Types" topic in this document.

Two Types of Expiration Times

With this design, you should note the difference between the two expiration times. You need to set:
  • One expiration time on the token request (the URL that will be embedded on the page—adjustable by the provider’s server-side implementation). Use a short expiration time on the URL snippet so that the snippet cannot be replicated across other domains (it can be embedded, but will become nonfunctional).
  • The other expiration time on the token object itself (expiry time adjustable through your Backlot account). A longer expiration time may be set (if desirable) on the token object, since the Same Origin Policy protects its distribution.

Combining the Ooyala Token with Other Content Authorization Types

The Ooyala Player Token works either singly or in conjunction with other types Digital Rights Management (DRM) solutions that Ooyala provides (or supports) to ensure that users can have access to authorized content. You can also use the Ooyala Player Token in conjunction with:
  • Ooyala's Rights Locker entitlement enforcement system
  • Ooyala's device registration system
  • A CDN token to prevent unauthorized sharing of a direct link to an Real Time Messaging Protocol (RTMP) stream.
  • Encrypted delivery (such as RTMPE or HLS AES Encryption) to prevent recording of a stream.
  • DRM Technologies (such as Flash Access) to enforce usage rights on content.