You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
General idea is to provide a hash from client which will be checked on ams side to authorize a user
Hashing algorithm looks like this
sha256(STREAM_ID + ROLE + SECRET) - hash of 3 concatenated strings
STREAM_ID - just the stream name - self explanatory
ROLE - string which values are ‘publish’ or ‘play’.
SECRET - random string which is shared by ams (via config) and party generating hash
So basically auth flow looks the same as for current implementation but token which is being sent through signaling looks like above
Should be an option to enable described logic via config.
Other thing is that we should be able to enable auth for each server and role independently - it means we can enable auth for publish and disable for subscribers. Each node should have it’s own config and perform auth accordingly.
There is no need for us to have logic above configurable via web interface but highly likely you’ll do it anyway for other customers
The text was updated successfully, but these errors were encountered:
General idea is to provide a hash from client which will be checked on ams side to authorize a user
Hashing algorithm looks like this
sha256(STREAM_ID + ROLE + SECRET) - hash of 3 concatenated strings
STREAM_ID - just the stream name - self explanatory
ROLE - string which values are ‘publish’ or ‘play’.
SECRET - random string which is shared by ams (via config) and party generating hash
So basically auth flow looks the same as for current implementation but token which is being sent through signaling looks like above
Should be an option to enable described logic via config.
Other thing is that we should be able to enable auth for each server and role independently - it means we can enable auth for publish and disable for subscribers. Each node should have it’s own config and perform auth accordingly.
There is no need for us to have logic above configurable via web interface but highly likely you’ll do it anyway for other customers
The text was updated successfully, but these errors were encountered: