Preventing Stream Sharing

To prevent stream sharing, create and use EdgeAuth tokens that can be used only by specific user sessions (i.e., sessionId-specific EdgeAuth tokens). The session association is made on creation of the EdgeAuth streaming token. In addition to limiting tokens by sessionId, it is also possible to create EdgeAuth tokens based on the subscriber's IP address. The process is similar to that outlined for sessionId below.

EdgeAuth libraries are used for generating and issuing EdgeAuth tokens. You must set up your own backend service to generate tokens using the Phenix EdgeAuth libraries.

Since the session ID must already exist in order to be referenced by the EdgeAuth token for the stream, the following steps must be completed in the order shown.

1. Create an Auth token. The App connects to your EdgeAuth backend and receives the AuthToken. Initialize the SDK using withAuthenticationToken and call the TokenBuilder function with the authenticationOnly option.

2. Receive the Auth callback. The App receives the authenticationCallback with the sessionId and authenticates.

   • Android

   • iOS

   • Web

3. Create a streaming token. Pass the sessionId to the EdgeAuth backend to generate the streaming token.

4. Use the streaming token to join a channel. This is documented here:

   • Android
   • iOS
   • Web

In the backend, use the EdgeAuth library's TokenBuilder function to generate the streaming token, with the --sessionId option if using the command line, or forSession if calling the function from code.

If you are using ChannelExpress (recommended), you can subscribe to sessionId changes, for example:

channelExpress.getPCastExpress().getPCastObservable().subscribe(function (pcast) { if (!pcast) return;  if (!pcast.getProtocol()) return; var sessionId = pcast.getProtocol().getSessionId()
}, {initial: 'notify'});

If using PCastExpress API, use the getPcast method to get access to the low-level API and thus the sessionId:

• Android
• iOS
• Web