Configuration Options
This document describes configuration options for Axinom DRM License Service for Widevine, FairPlay, and PlayReady.
Conventionsβ
In this document, the <APP_PATH>
refers to the application root path.
When a relative path is specified as an option, it is relative to the <APP_PATH>
.
The application root path is defined as follows:
- FairPlay - location of FairPlayApi.exe
- PlayReady - location of PlayReadyNetCore.exe
- Widevine - location of WidevineApi.exe
Common Optionsβ
The following options are supported for all DRM technologies.
AllowProxyβ
Specifies whether a reverse proxy is used.
If set to "true", the app assumes that all requests come through a trusted proxy.
It then determines the HTTP scheme and the IP of the client via the
X-Forwarded-For
and X-Forwarded-Proto
HTTP headers (set by the proxy),
respectively.
If set to "false", the actual HTTP scheme and the IP of the HTTP request are used.
If no proxy is present, a setting of "true" creates a security risk as clients can then forge their HTTP scheme and IP address by manipulating the headers. Change this setting only if you understand the consequences.
By default, the setting is "true" for FairPlay and Widevine, as the default container image includes an Nginx reverse proxy that provides HTTPS support.
For PlayReady, the default is "false", since it is an ASP.NET app integrated with the IIS web server.
Required |
No |
Default value |
FairPlay and Widevine - "true", PlayReady - "false" |
Data type |
Boolean |
Supported values |
|
ConfigurationFolderPathβ
Specifies the folder where the app searches for its configuration and other DRM technology-specific files. Within this document, this path is referred to as the <CONFIG_PATH>
.
Required | No |
Default value | PlayReady - "C:\Config" (on Windows), Widevine and FairPlay - "/Config" |
Data type | String |
Supported values | Any path in string format. |
IsDevelopmentEnvironmentβ
Specifies whether the environment is meant for development. It configures certain aspects of the app to make it easier to work in a development environment.
This is a development-only option.
Required |
No |
Default value |
"false" |
Data type |
Boolean |
Supported values |
|
EncryptedEncryptionKeyAsBase64β
Specifies the encryption key, provided in an encrypted form, that the app uses
for encrypting and decrypting configuration data in KeySeeds.json
, CommunicationKeys.json
.
The value is encrypted with the key known to Axinom DRM License Service.
Required | Yes |
Data type | Base64 string |
Supported values | Any base64 string that represents an array of 16 bytes. For example: "MlypQgoalSkaX/x1YvnRiA==". |
FrontendDataFolderPathβ
Specifies the location where frontend data is stored.
Required | No |
Default value | "<CONFIG_PATH>" |
Data type | String |
Supported values | Any path in string format. |
FrontendDataUpdateIntervalβ
Specifies the interval at which the tenant configuration data (=Frontend Data) is reloaded. The interval begins when the application is started or when the last update occurs.
To disable automatic updates, the value can be set to "0".
See also: Updating On-board Configuration.
Required |
No |
Default value |
"5:00" (5 minutes) |
Data type |
TimeSpan string |
Supported values |
|
LicenseAcquisitionUrlWithoutSchemeβ
Specifies the license acquisition URL of the application (without the HTTP scheme part). This is only used by the appβs Checks API, which performs self-checks to monitor the appβs health. Since these checks are optional, setting this value is also optional.
If set, this is the URL where the Checks API sends self-check requests. If not set, then some features of the Checks API are not available.
In development environments, i.e. when IsDevelopmentEnvironment
is "true",
this value is automatically replaced with an internal value.
Required | No |
Default value | N/A (or an internal value, if IsDevelopmentEnvironment is set to "true"). |
Data type | String |
Supported values | Any valid URL in string format. For example "example.com/api/AcquireLicense". |
FairPlayβ
There are no FairPlay-specific configuration options.