HTTP Authorization

The HTTP authorization is a process of granting a user access to protected content.


Authorization workflow

Before delving into the detailed process of configuring the authorization in Astra, it is essential to understand of its underlying principles.

List of TV channels

The initial step is receiving list of TV channels from Middleware. In this step, the client submits their credentials to the Middleware, which verifies their request. Upon successful authorization, the Middleware responds by providing the client with a list of TV channels that they are allowed to access. Each channel has an unique token that will be used later for access authorization.

Request Channel

The second step is requesting channel access from Astra. During this step, the client selects the desired channel and player sends request with unique token to the Astra.

The third step is autorizing request by Astra. Astra support next authorization methods:

  • User Authorization - Astra use login and password or unique token defined in the user settings
  • Middleware Authorization - Astra initiate subrequest to the Middleware with unique token and all information related to the request
  • HTTP Securetoken - Astra checks unique token with crypto algorithms to to validate access
  • HTTP IP - Astra compares the user's IP address with an access list

These methods offer customizable authorization workflows, allowing administrators to control access securely.