Preview (Protected) Videos
Overview
Videos can be encoded and registered in the Video Service. The encoded files reside in your storage either in plain or in encrypted form. To manage cue points in the Video Service it is very helpful for editors if they can see the video for which they define the cue points.
If you are using Azure Blob Storage and enable public read access to your blob storage and use unencrypted videos the playback works out of the box.
But if you use a CDN or custom URL to expose your videos you would need to tell the Video Service, under which URL it can request the manifest file to show the video within the Management System.
Or if you encrypt your videos you would need to generate an entitlement message to allow the video playback.
Please refer to the Webhooks article on how to generally implement a webhook securely.
Manifest Webhook
If your video manifest is not accessible directly through the storage URL, you can use the Admin Portal to configure the “Manifest” webhook.
You can find the full webhook JSON schema payload and response format as well as the Typescript interfaces in the @axinom/mosaic-messages package.
As an excerpt: the payload contains the video and management_user
sub-objects:
Video
| Field Name | Type | Description |
|---|---|---|
| id | string | A UUID representing |
| title | string | Title of the entity |
| source_file_name | string | Source file name, nullable. |
| source_location | string | Path to the source video files. |
| is_archived | boolean | Indicates whether the video is archived. |
| videos_tags | array | An array of video tag values. |
| video_encoding | object | Information about video encoding. |
| video_streams | object | Information about video streams. |
| management_user | object | Property "management_user" definition. |
Management User
| Field Name | Type | Description |
|---|---|---|
| tenant_id | string | Tenant ID. |
| environment_id | string | Environment ID. |
| name | string | User name. |
| string | User email, nullable. | |
| permissions | object | Permissions assigned to the user. |
| permissions | array | An array of permissions for the service. |
| subject_type | string | Type of the subject/user (enumerated). |
| iat | number | Issued at (seconds since Unix epoch). |
| aud | string | Audience of the original token. |
| iss | string | Issuer of the original token. |
| sub | string | Subject/user identifier. |
The response payload should contain the hls_manifest_url and/or the
dash_manifest_url depending on your use case. That URL should be usable from
a player running in the Mosaic Management Portal so you may need to check your
CORS settings.
Enitlement
If the video is DRM-protected you need to create a DRM entitlement message which allows the playback of that video for the logged in user.
The webhook request contains the same format and structure that is also used in the manifest webhook scenario.
The response payload should contain the following fields that allow the playback of this video - or an error response.
| Field Name | Type | Description |
|---|---|---|
| entitlement_message_jwt | string | The JWT encoded and signed entitlement message that can be used with the DRM license server to receive a DRM license to play back the protected video. |
| widevine_license_service_url | string | A URL to the Widevine License Service that provides a DRM License to a player’s License Request. |
| playready_license_service_url | string | A URL to the PlayReady License Service that provides a DRM License to a player’s License Request. |
| fairplay_license_service_url | string | A URL to the FairPlay License Service that provides a DRM License to a player’s License Request. |
| fairplay_streaming_certificate_url | string | A URL to an Apple-issued FairPlay certificate to enable playback of FairPlay DRM-protected videos. |