Best Practices

Ooyala provides a set of APIs that enable you to create rich and unique experiences on your web sites. Here are some best practices to follow.

Security of Your API Keys

Keep your Ooyala API key, secret, and provider code safe and secure. Avoid embedding the keys or code directly in your applications. Allow only secure processes to read your secret and key.

Brightcove Technical Support or other personnel will never ask for security keys.

Caching or Database for Your Front-end Server

  • To provide speedy responses to your customers, set up caching or a database on your web site so that you avoid making many calls to the Backlot APIs during user interaction with your site. For more details, see Advice for Web Programming.
  • In addition, take advantage of Ooyala's high performance API endpoint ( It caches repeated requests from large volume web sites. Depending on the type of content, round your request expiration times up to the next hour, four hours, eight hours, or day. For example, if your data changes frequently, round up to the next hour. If your data doesn’t change often, round up to the next day. For more details, see High Performance API Endpoint

Error Handling

Make sure your code handles errors and that your web site can gracefully display content in case of a problem.

Rate-limit Management

Rate-limited requests return the number of seconds before rate limiting is reset. Configure your code to wait the specified number of seconds before retrying. For more detail, see API Rate Limiting.