Articles on: OTT Settings

Securetoken Authorization for Alta OTT

Protects unauthorized access to content with temporary tokens

Securetoken Authorization

How it works

Client requests playlist with channels on the middleware
For each channel middleware prepares unique temporary token
Client requests channel with temporary token
Alta checks token and allow request if token is valid


Temporary token calculated by the middleware on the server side when client requests playlist. Token contains next parts:

Hash - hash calculated on the server with SHA1 algorithm
Salt - random word for better secure
End time - token expiration time in the unix-timestamp format
Start time - token creation time in the unix-timestamp format

All parts should be separated by minus sign and addedd to the channels address. For example:


Hash should be calculated on middleware with SHA1 algorithm from string concatenated from next parts:

Channel path - for example /tv/travel-channel/index.m3u8
Client IP address
Start time - unix-timestamp as decimal number
End time - unix-timestamp as decimal number
Securetoke - defined in the Alta settings
Salt - random word

Example on PHP

Create a file securetoken.php with the following code:


$channel = '/tv/travel-channel/index.m3u8';
$client = '';
$starttime = 1669810000;
$endtime = 1669890000;
$securetoken = 'secret';
$salt = 'a5cd6c00';

$hash = sha1($channel . $client . $starttime . $endtime . $securetoken . $salt);
$token = $hash . '-' . $salt . '-' . $endtime . '-' . $starttime;

echo '' . $stream . '?token=' . $token . PHP_EOL;

Launch script:

php securetoken.php

You will see line from the first example. Please, note, this script only for example.

Updated on: 24/02/2023

Was this article helpful?

Share your feedback


Thank you!