Applying a secure token to the CDN URLs will decrease leaching, and provide more secure access to your CDN resources by switching off access after a specified time period.
When Secure Token is enabled your content may be downloaded only if a request contains a hash key. Secure Token protects your content from unwanted downloads.
A tokenized URL looks like
https://example.5centscdn.com/demo.stream/playlist.m3u8?hdnts=exp=1614564664~acl=/token/demo.stream/*~hmac=42b4464b2bb90639a2c3bd444501bb7f8e9c2437bebd4cfdaec5664c3aeb8a11
This article will serve as a walkthrough to show how to set up Secure Token in your 5centsCDN portal.
Setting Up Secure Token
Enable Secure Token and define your secret (The secret key is similar to a password and can contain from 6 to 32 characters) and time in the provided field under Security settings:
For live Push/Pull streams:
Go to > Dashboard > Live stream > Push/Pull stream > “Manage” your Stream > Security > Secure token
For HTTP Push/Pull zones:
Go to > Dashboard > Zones > HTTP Push/Pull > “Manage” your Zone > Security > Secure token
For VOD Push/Pull zones:
Go to > Dashboard > Zones > VOD Push/Pull > “Manage” your Zone > Security > Secure token
Click on Save
For generating the hash key refer to below PHP example scripts
<?php
require_once ‘AkamaiToken.php’;
$secret = ‘secret key’;
$path = ‘/demo/stream/playlist.m3u8’;
$ttl = 300;
$c = new Akamai_EdgeAuth_Config();
$c->set_key(md5($secret));
$c->set_acl(rtrim(pathinfo($path, PATHINFO_DIRNAME), ‘/’).‘/*’);
$c->set_window($ttl);
$g = new Akamai_EdgeAuth_Generate();
$token = ‘hdnts=’.$g->generate_token($c);
$url = “https://example.5centscdn.com{$path}?{$token}”;
echo $url . “\n”;
?>
You can download the AkamaiToken.php file from here: https://cp.5centscdn.
Is that all I need?
Yes. Now when your request is signed with signature, CDN will be checking each incoming request against its signature. Immediately after that the connection will be either allowed or denied, it takes just several milliseconds.