The stream authentication function is currently in beta. Contact sales@agora.io before using it.
Sets a timestamp authentication key for the specified domain name.
PATCH https://api.agora.io/v1/projects/{appid}/fls/domains/{domain}
Parameter | Type | Description |
---|---|---|
appid |
String | Required. The App ID retrieved from Agora Console. |
domain |
String | Required. The domain name. |
The request body is in the JSON Object type and contains the following fields:
Parameter | Type | Description |
---|---|---|
authKey |
String | Required. The timestamp authentication key. Maximum length is 128 characters. |
If the returned HTTP status code is 200, the request is successful.
If the returned HTTP status code is not 200, the request fails. You can refer to the HTTP status code for possible reasons.
Request line
PATCH https://api.agora.io/v1/projects/{your_appid}/fls/domains/{your_domain} HTTP/1.1
Request body
{
"authKey": "{your auth key}"
}
Response line
HTTP/1.1 200 OK
Configures the settings of origin authentication.
PATCH https://api.agora.io/v1/projects/{appid}/fls/settings/streamauth/webhook
Parameter | Type | Description |
---|---|---|
appid |
String | Required. The App ID retrieved from Agora Console. |
The request body is in the JSON Object type and contains the following fields:
Field | Type | Description |
---|---|---|
enabled |
Boolean | Required. Whether to enable origin authentication: true : Enable origin authentication.false : (Default) Disable origin authentication. |
url |
String | Optional. The address of the server that handles origin authentication requests. |
secret |
String | Optional. The origin authentication secret. The process of generating a signature using the origin authentication secret is the same as that of the Notification Center Service. For details, see Signature Verification. |
If the returned HTTP status code is 200, the request is successful.
If the returned HTTP status code is not 200, the request fails. You can refer to the HTTP status code for possible reasons.
Request line
PATCH https://api.agora.io/v1/projects/{your_appid}/fls/settings/streamauth/webhook HTTP/1.1
Request body
{
"enabled": true,
"url": "www.test.com/auth/callback",
"secret": "{ncs_secret}"
}
Response line
HTTP/1.1 200 OK
Gets the configuration of origin authentication.
GET https://api.agora.io/v1/projects/{appid}/fls/settings/streamauth/webhook
Parameter | Type | Description |
---|---|---|
appid |
String | Required. The App ID retrieved from Agora Console. |
If the returned HTTP status code is 200, the request is successful. The response body contains the following fields:
Field | Type | Description |
---|---|---|
enabled |
Bool | Required. Whether origin authentication is enabled : true : Origin authentication is enabled.false : Origin authentication is disabled. |
url |
String | Optional. The address of the server that handles origin authentication requests. |
secret |
String | Optional. The origin authentication secret. The process of generating a signature using the origin authentication secret is the same as that of the Notification Center Service. For details, see Signature Verification. |
If the returned HTTP status code is not 200, the request fails. You can refer to the HTTP status code for possible reasons.
Request line
GET https://api.agora.io/v1/projects/{your_appid}/fls/settings/streamauth/webhook HTTP/1.1
Request body
{
"enabled": true,
"url": "www.test.com/auth/callback",
"secret": "{ncs_secret}"
}
Response line
HTTP/1.1 200 OK
Agora uses the following parameters to send requests to your server handling origin authentication:
Parameter | Type | Required | Description |
---|---|---|---|
host |
String | Yes | The stream-pushing or -playing domain name. |
entryPoint |
String | Yes | The name of the entry point. |
streamName |
String | Yes | The stream name. |
cdnIp |
String | No | The IP address of the CDN node. |
clientIp |
String | No | The IP address of the client. |
token |
String | No | Authentication information. |
requestId |
String | No | The request ID. |
The HTTP status code you return must be one of the following:
Status code | Description |
---|---|
200 | The request succeeds. |
400 | The parameter is invalid, for example the appid or the domain is empty. |
401 | Unauthorized (the customer ID and the customer secret do not match). |
404 | The server cannot find the resource according to the request, which means the requested domain name does not exist or the requested URI path is invalid. |
500 | An internal error occurs in the server, so the server is not able to complete the request. |
504 | An internal error occurs in the server. The gateway or the proxy server did not receive a timely request from the remote server. |