Widevine/PlayReady license issuance
    • PDF

    Widevine/PlayReady license issuance

    • PDF

    Article summary

    An API issued through the One Click Multi DRM product to issue a license.
    This guide explains the license issuance API of Widevine and Playready DRM types. We provide FairPlay-type DRM licenses as a FairPlay Streaming license issuance API.

    Note

    The precautions for issuing licenses are as follows:

    • After the site is created, you must activate the site to issue the license.
    • Issuance of all licenses through One Click Multi DRM are based on the assumption that the DRM encryption packaging is ready.
    • One Click Multi DRM supports the response of binary (ORIGINAL)-type and the JSON-type licenses.
    • To use the license issued by One Click Multi DRM, you must request the license through apigw by including the X-DRM-TOKEN headers.
    • For the value to include in the X-DRM-TOKEN header, enter the Base64 string value converted from the JSON data.
    • Through the X-DRM-TOKEN header, the One Click Multi DRM product checks whether the user has permissions to the content and site and sets the DRM license rules according to the content security policies set in the requested site.
    • One Click Multi DRM supports effortless integration with NAVER Cloud's Video Player Enhancement product.
    • You must request all licenses through the information of the device for the DRM content playback and player implementation.
    Caution
    • The One Click Multi DRM product confirms the validity of the X-DRM-TOKEN header and issues the license that fits the selected site's settings. If the header value is invalid, the license is not issued.
    • You must select the license response type according to the player's license parsing type.
      For clients that only support general Multi DRM integration, such as HTML5 Player, the license response is usually supported as ORIGINAL.
    • The One Click Multi DRM product supports the registration of the FairPlay Streaming certificate. However, it does not support the new certificate issuance function. You must manually issue the FPS certificate from Apple. See the guide for details: FairPlay Streaming certificate issuance
    • The One Click Multi DRM product supports INKA Pallycon's token proxy issuance. See the guide for details on operations regarding the token proxy issuance: Pallycon token proxy-based license
    • The validity check is not supported for the FairPlay Streaming certificate uploaded to the One Click Multi DRM product.
    • At the X-DRM-TOKEN header for the One Click Multi DRM license request, the unique user ID of the user playing the content (user ID managed by the service site or user account using the DRM content) must be included.
    • The contentId to include in the X-DRM-TOKEN headers for the One Click Multi DRM license request must be identical to the CID used for the content's DRM packaging. For example, enter value identical to the contentId entered to Live Station's DRM settings.
    • If you request the One Click Multi DRM license using Video Player Enhancement, it will be supported only by versions 1.1.1 and later.

    Requests

    POST https://multi-drm.apigw.ntruss.com/api/v1/license
    

    Request headers

    Header nameRequirement statusDescription
    x-ncp-apigw-timestampYESThis is the number of milliseconds that have elapsed since January 1, 1970 00:00:00 (UTC)
    If the time difference compared to the API Gateway server is 5 minutes or longer, then the request is considered invalid
    x-ncp-apigw-timestamp:{Timestamp}
    x-ncp-iam-access-keyYESValue of access key ID issued in the NAVER Cloud Platform portal
    x-ncp-iam-access-key:{Sub Account Access Key}
    x-ncp-apigw-signature-v2YESSignature encrypted with the access key ID value and secret key
    x-ncp-apigw-signature-v2:{API Gateway Signature}
    Content-TypeYESSpecifies the request body content type as application/json
    Content-Type: application/json
    x-ncp-region_codeYESRegion code (KR)
    x-drm-tokenYESAn encrypted token value including the necessary data for One Click Multi DRM license issuance
    x-drm-token:{X-DRM-TOKEN}

    X-DRM-TOKEN headers

    You must authenticate X-DRM-TOKEN headers to issue the license through the One Click Multi DRM.
    For the X-DRM-TOKEN header value, enter the following Base64 string value converted from the JSON data.

    • Through the X-DRM-TOKEN header, the One Click Multi DRM product checks whether the user has permissions to the content and site and sets the DRM license rules according to the content security policies set in the requested site.
    Field nameRequirement statusValid valueDescription
    siteIdYESSite ID for license issuance
    contentIdYESUnique ID of content for playback
    Used during DRM packaging (for CPIX API request, the content ID value included in XML Body). You can enter 3 to 100 characters using English letters, numbers, hyphens (-), and underscores (_).
    drmTypeYESWIDEVINE
    PLAYREADY
    FAIRPLAY
    DRM type that requests license
    responseFormatYESORIGINAL
    JSON
    Response data type for the license request (default value: ORIGINAL)
    * ORIGINAL: data response for the requested binary license
    * JSON: responds in JSON format including the license data and additional information, such as client device ID. Only applicable when using token proxy or client SKD
    userIdYesStringUnique user ID of the user that requested the license (user ID managed by the service site or user account playing the DRM content)

    Create X-DRM-TOKEN headers

    The following describes how to create X-DRM-TOKEN.

    1. To request the license, enter the necessary fields, including siteId, contentId, drmType, responseFormat, and userId, in JSON.
    # json
    {"siteId":"drm-20231115142326-nHyNw","contentId":"my-drm-content-sample","drmType":"WIDEVINE","responseFormat":"original","userId":"d41d8cd98f00b204e9800998ecf8427e"}
    
    1. Encode the entered JSON data to Base64 URL.
    # Base64 Encrypted String 
    eyJzaXRlSWQiOiJkcm0tMjAyMzExMTUxNDIzMjYtbkh5TnciLCJjb250ZW50SWQiOiJteS1kcm0tY29udGVudC1zYW1wbGUiLCJkcm1UeXBlIjoiV0lERVZJTkUiLCJyZXNwb25zZUZvcm1hdCI6Im9yaWdpbmFsIiwidXNlcklkIjoiZDQxZDhjZDk4ZjAwYjIwNGU5ODAwOTk4ZWNmODQyN2UifQ==
    
    Caution

    Be careful not to include spaces or line breaks in JSON during the Base64 encoding process.

    Examples

    Example of license issuance request including X-DRM-TOKEN header

    curl -i -X POST \
       -H "x-ncp-apigw-timestamp:1505290625682" \
       -H "x-ncp-iam-access-key:D78BB444D6D3C84CA38A" \
       -H "x-ncp-apigw-signature-v2:WTPItrmMIfLUk/UyUIyoQbA/z5hq9o3G8eQMolUzTEo=" \
       -H "x-ncp-region_code:KR" \
       -H "accept: application/json" \ 
       -H "X-DRM-TOKEN: eyJzaXRlSWQiOiJkcm0tMjAyMzExMTUxNDIzMjYtbkh5TnciLCJjb250ZW50SWQiOiJteS1kcm0tY29udGVudC1zYW1wbGUiLCJkcm1UeXBlIjoiV0lERVZJTkUiLCJyZXNwb25zZUZvcm1hdCI6Im9yaWdpbmFsIiwidXNlcklkIjoiZDQxZDhjZDk4ZjAwYjIwNGU5ODAwOTk4ZWNmODQyN2UifQ==" \
    'https://multi-drm.apigw.ntruss.com/api/v1/license'
    

    Response

    Note

    For the ORIGINAL-type license, the response is provided as binary.
    For the binary license request, the response example is not provided.

    Response to JSON-type license request

    Field nameRequirement statusTypeDescription
    licenseYesStringLicense JSON data
    licenseCreatedTimeYesTimestampLicense issuance time
    tokenCreatedTimeYesTimestampValid time after passing X-DRM-TOKEN header validity check
    tokenExpireTimeYesTimestampValid time of requested X-DRM-TOKEN header

    Response example

    HTTP/1.1 200 OK
    Server: nginx
    Date: Fri, 20 Nov 2023 20:53:32 GMT
    Content-Type: application/json;charset=utf-8
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    x-ncp-trace-id: 36c9k60om4p3238cpmc9gm4cj4
    
    {
      "license": "080512BF050AB9020803121044E0A85CB19D0441AC6C66B3D6ABBCC218E39FC48D06228E023082010A0282010100B2FB0D937113004C0F805C6C57DE7B266E2B5E2FE12241FF1421ED55DE2C3F73F62891D7587A8ED153F4009D9522C3609A5DC3C4E43891F8F2D7B448B36E8B77AD96DC795795706D4289F8E61FBDF564AB57E5A5EDDB64FC4EA6891C793B3FC615998CB01214D769F5BC9F93DD96D5ACB7E7239F0C3749309C55C41DD889277B28D74ADA5CB9B3F760318B55EE7FB9336283E3792EA360CC3BD32F4FDB49C4D33A5836DE3428B62D027964A989F42AB37E123BE5EFC15285090B2601F09A93AAD66546D8F85820B882A1AA3D320A8759628BB177484A660D54711FDC338DB6119E34B49F927942A343F5AD069C06DBCAF3958F83F796EAC7BF5C860B893D6CB102030100013A08696E6B612E636F6D400248011280030078BF2DF3FF6F3A488B86023BD961B3FCA718DAA38976B74620A560A8524E53C16F064CB7528F174162F331C32AA0E72296DD15BB79CA986B7739A85C7A4AB4B06D8665CDD166C58C1E030D6232AEC7970801125CC59FB988265FFFD38BD04241AAFEBB91F8C933A9E70A3B52F0FBF29306F10A2AF91B30BD3EBE24D7890778898A4999F0F7D28BFFBBD6647B08D93EDEE309C2B4B9E3080F269A1C3DE899FDA800C277EC6D0882365B1C9805D0FF4DBEB2E8BA5C51F86F910F73C1776761B85F88943E44DDCD7ABF797C4A4BE2489D6BE4FAAE4569A435E5D5E3773636EF872706F155B271D6E49D4C750A51614DBBD5D2A0F9B8E352FA91B52EC19593F215BCEB2E8401CCC9757C48793C9AB4904B93C7D326BFFBB5E24CDBF297599FB22724C95C9D40D44455586B188A6D10658BEBE5F6CE812FABB8CA58282B5D28176D5DFF3B358692CC4FC6895A06C0B90A192D65F69AE07415DCEF6E54A677D5C769BA6E9CC24E2B968BC3E6E4D4E099E446D9F7E38740DBB708023E6D35D99F1B10",
      "licenseCreatedTime": 1700476438204,
      "tokenCreatedTime": 1700476438107,
      "tokenExpireTime": 1700477038107
    }
    

    Was this article helpful?

    Changing your password will log you out immediately. Use the new password to log back in.
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.