Dynamic download and file protection
  • 02 Apr 2024


Dynamic File Download

Files can now be downloaded using dynamic URLs. This means that you can locate the file if you know the asset type's URL scheme and have information about the asset, such as its ID.

The following table provides the dynamic URL scheme for each asset type:

| Asset Type | URL Scheme |
| --- | --- |
| Video Source Files | {DOMAIN}/public/videos/{VIDEO_ID}/source |
| Video Format Files | {DOMAIN}/public/videos/{VIDEO_ID}/formats/{PROFILE_KEY} |
| Thumbnails | {DOMAIN}/public/videos/{VIDEO_ID}/thumbnails/{THUMBNAIL_ID}?quality={QUALITY} |
| Chapter Thumbnails | {DOMAIN}/public/videos/{VIDEO_ID}/chapters/{CHAPTER_ID}/thumbnails?quality={QUALITY} |
| Subtitles | {DOMAIN}/public/videos/{VIDEO_ID}/subtitles/{SUBTITLE_ID}?source=VTT |
| Video Attachments | {DOMAIN}/public/videos/{VIDEO_ID}/attachments/{TYPE_NAME}/{FILENAME} |
| Channel Attachments | {DOMAIN}/public/channels/{CHANNEL_ID}/attachments/{TYPE_NAME}/{FILENAME} |

The {DOMAIN} placeholder should be replaced with the domain of the movingimage Platform. The default domain is https://asset-out-cdn.video-cdn.net.

The {VIDEO_ID} placeholder should be replaced with the ID of the video or channel that the asset belongs to.

The {THUMBNAIL_ID} placeholder should be replaced with the ID of the thumbnail, if applicable.

The {CHAPTER_ID} placeholder should be replaced with the ID of the chapter, if applicable.

The {TYPE_NAME} placeholder should be replaced with the name of the attachment type.

The {FILENAME} placeholder should be replaced with the name of the file.

The {QUALITY} placeholder is optional and can be used to specify the quality of the thumbnail or subtitle file. The default quality is 360p.

File Protection

By default, files are protected from non-logged-in users via the use of tokens provided in the file's download URL. The download URLs can be acquired from the movingimage Platform API.

Protect Files on the movingimage Platform

File protection on the movingimage Platform controls a user's ability to access files. When a user is logged in, VideoManager Pro's ownership features determine access rights. This new beta feature addresses file protection for users not logged in.

By default, files are protected from non-logged-in users using tokens in the file's download URL (valid for 120 minutes). These URLs can be obtained from the movingimage Platform API.

Example Download URL for a Protected Video Thumbnail File:

https://asset-out-cdn.video-cdn.net/private/videos/-civ9qE3JUjntKQM1HnGtU/thumbnails/78912?quality=360p&__token__=exp=1519826701acl=***hmac=***

File protection can be disabled to allow public access without a token:

https://asset-out-cdn.video-cdn.net/public/videos/-civ9qE3JUjntKQM1HnGtU/thumbnails/78912?quality=360p

Unprotected files use "/public/" instead of "/private/" and lack a token.
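
The following Python example is added here and is not part of the movingimage documentation or API. It classifies asset URLs (for instance, links collected from an embedding web page) by asset type using the URL scheme table above, and reports whether each one is unprotected, carries an unexpired token, or carries an expired one. It assumes the token's exp value is a Unix timestamp in seconds; the VIDEO123 and channel URLs are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Path shapes from the URL scheme table (the part after /public/ or /private/).
ASSET_PATTERNS = [
    ("video source", r"videos/[^/]+/source"),
    ("video format", r"videos/[^/]+/formats/[^/]+"),
    ("thumbnail", r"videos/[^/]+/thumbnails/[^/]+"),
    ("chapter thumbnail", r"videos/[^/]+/chapters/[^/]+/thumbnails"),
    ("subtitle", r"videos/[^/]+/subtitles/[^/]+"),
    ("video attachment", r"videos/[^/]+/attachments/[^/]+/[^/]+"),
    ("channel attachment", r"channels/[^/]+/attachments/[^/]+/[^/]+"),
]

def classify(url, now):
    """Return (asset_type, status) for one asset URL; now is Unix seconds."""
    parts = urlsplit(url)
    m = re.fullmatch(r"/(public|private)/(.+)", parts.path)
    if not m:
        return ("unknown", "not an asset URL")
    scope, rest = m.groups()
    asset = next((n for n, p in ASSET_PATTERNS if re.fullmatch(p, rest)), "unknown")
    if scope == "public":
        return (asset, "unprotected")
    # parse_qs splits each pair on the first "=", so the token value stays whole.
    token = parse_qs(parts.query).get("__token__", [""])[0]
    exp = re.search(r"exp=(\d+)", token)  # assumption: exp is a Unix timestamp
    if not exp:
        return (asset, "private without token")
    return (asset, "token valid" if int(exp.group(1)) > now else "token expired")

def unprotected(urls, now):
    """URLs that can be fetched by anyone, with no token."""
    return [u for u in urls if classify(u, now)[1] == "unprotected"]

CDN = "https://asset-out-cdn.video-cdn.net"
SAMPLE_URLS = [
    # The two example URLs from this page:
    CDN + "/private/videos/-civ9qE3JUjntKQM1HnGtU/thumbnails/78912"
          "?quality=360p&__token__=exp=1519826701acl=***hmac=***",
    CDN + "/public/videos/-civ9qE3JUjntKQM1HnGtU/thumbnails/78912?quality=360p",
    # Constructed samples (IDs and file names are made up):
    CDN + "/private/videos/VIDEO123/source",
    CDN + "/public/channels/42/attachments/docs/manual.pdf",
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(classify(u, now=1519826701 - 600), u)
```

The expiry check only reads the exp field locally; whether a token is accepted is decided by the platform, which also verifies the hmac.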

Key Points:

  • All files are protected by default, requiring admin rights in VideoManager Pro to disable protection.

  • Unpublished files are accessible only via VideoManager Pro or the movingimage Platform API.

  • File protection can be disabled for all assets or for specific asset types (thumbnail, chapter thumbnail, attachment, subtitle, etc.).

To enable or disable file protection, you can use the following API endpoints:

Manage File Protection on the movingimage Platform

VideoManager Level Requests

  • Endpoint: /v1/vms/{videoManagerId}/security-override

  • Use this endpoint to manage file protection for all files within a VideoManager.

GET:

  • Authorization: Bearer "{token}"

  • Get file protection details for the specified VideoManager. The VideoManager scope (public or private) is returned along with a list of video and/or channel assets that have been made public (if any). The two example responses are described below.

  • Example 1: All files are protected (scope is "private", and no "public" override exists for videos, channels, or asset types).

  • Example 2: All files are generally protected, but the video source and format files for one video are public, and all asset types of one channel are public.

POST:

  • Authorization: Bearer "{token}"

  • This request makes all assets within the specified VideoManager public. You do not need to include a request body.

DELETE:

  • Authorization: Bearer "{token}"

  • This request makes all assets in the VideoManager private/protected again (including all Channel and Video assets).

Asset Level Requests

  • Endpoint: /v1/vms/{videoManagerId}/asset-type/security-override

  • Use this endpoint to remove file protection for specific asset types at the VideoManager level.

POST:

  • Authorization: Bearer "{token}"

  • Body:

{
  "assetTypes": [
    "VIDEO_SOURCE",
    "VIDEO_FORMAT",
    "STILL_SOURCE",
    "STILL_RESOLUTION",
    "SUBTITLE",
    "ATTACHMENT"
  ]
}

  • This request specifies which asset types are to be made public for the whole VideoManager. All possible asset types are listed in the example. You must specify at least one asset type.

Channel Level Requests

  • Endpoint: /v1/vms/{videoManagerId}/channels/{channelId}/security-override

  • Use this endpoint to remove file protection for only one asset type, attachment, at the Channel level.

POST:

  • Authorization: Bearer "{token}"

  • Body:

{
  "assetTypes": [
    "ATTACHMENT"
  ]
}

  • This request specifies which asset types are to be made public within the channel. Channels currently only support the attachment asset type.

DELETE:

  • Authorization: Bearer "{token}"

  • Use this request to make all assets in the specified Channel private/protected again.

Video Level Requests

  • Endpoint: /v1/vms/{videoManagerId}/videos/{videoId}/security-override

  • Use this endpoint to remove file protection for assets at the Video level. Note that there are two possible POST requests that work differently (see details in the table below).

POST #1:

  • Authorization: Bearer "{token}"

  • Body:

{
  "scope": "public"
}

  • This request makes all assets within the specified Video public.

POST #2:

  • Authorization: Bearer "{token}"

  • Body:

{
  "assetTypes": [
    "VIDEO_SOURCE",
    "VIDEO_FORMAT",
    "STILL_SOURCE",
    "STILL_RESOLUTION",
    "SUBTITLE",
    "ATTACHMENT"
  ]
}

  • This request specifies which asset types are to be made public within the Video. All possible asset types are listed in the example. You must specify at least one asset type.

DELETE:

  • Authorization: Bearer "{token}"

