How to enable secure token for Akamai CDN?

Applying a secure token to the CDN URLs will decrease leaching, and provide more secure access to your CDN resources by switching off access after a specified time period.

When Secure Token is enabled your content may be downloaded only if a request contains a hash key. Secure Token protects your content from unwanted downloads.

A tokenized URL looks like*~hmac=42b4464b2bb90639a2c3bd444501bb7f8e9c2437bebd4cfdaec5664c3aeb8a11

This article will serve as a walkthrough to show how to set up Secure Token in your 5centsCDN portal.

Setting Up Secure Token

Enable Secure Token and define your secret (The secret key is similar to a password and can contain from 6 to 32 characters) and time in the provided field under Security settings:

For live Push/Pull streams:

Go to > Dashboard > Live stream > Push/Pull stream > “Manage” your Stream > Security > Secure token

For HTTP Push/Pull zones:

Go to > Dashboard  > Zones  > HTTP Push/Pull  > “Manage” your Zone > Security > Secure token

For VOD Push/Pull zones:

Go to > Dashboard  > Zones  > VOD Push/Pull  > “Manage” your Zone > Security > Secure token

Click on Save

For generating the hash key refer to below PHP example scripts

 require_once ‘AkamaiToken.php’;
 $secret = ‘secret key’;
 $path = ‘/demo/stream/playlist.m3u8’;
 $ttl = 300;
 $c = new Akamai_EdgeAuth_Config();
 $c->set_acl(rtrim(pathinfo($path, PATHINFO_DIRNAME), ‘/’).‘/*’);
 $g = new Akamai_EdgeAuth_Generate();
 $token = ‘hdnts=’.$g->generate_token($c);
 $url = “{$path}?{$token}”;
 echo $url . “\n”;

You can download the AkamaiToken.php file from here:

Is that all I need?

Yes. Now when your request is signed with signature, CDN will be checking each incoming request against its signature. Immediately after that the connection will be either allowed or denied, it takes just several milliseconds.

Was this article helpful?

Related Articles