Platform DocsPlayers DocsRelease Notes
System StatusSubmit a CaseDashboard LoginCompany Site

Generate a signed content URL for DRM playback (JW Platform)

Suggest Edits


📘

If you plan to use Chromecast to cast content that has DRM content protection enabled, a custom receiver must be used.


Use the following steps to generate a signed content URL for DRM playback:

  1. Retrieve the JW Player content URL. JW Player content URLs have the following format: https://cdn.jwplayer.com/v2/media/{media_id}.

    ApproachNotes
    APIFollow these steps to retrieve the media_id for the URL:
    1. Make a GET v2/sites/{sites_id}/media/ call.
    2. Locate the key for a content item in the API response.
    DashboardFollow this step to retrieve the media_id for the URL:
    1. From your JWP dashboard Media Library, copy the media ID from the MEDIA ID column.

  1. Retrieve the JW DRM policy ID:
    a. From the Properties page, click the property name > Content Protections.
    b. In the Digital Rights Management section, copy the DRM policy ID from the DRM Policies table.

    📘

    Read Studio DRM with JW Platform Policy Reference to learn more about the DRM Policies.


  1. Append the DRM Policy ID to the content URL. 
    https://cdn.jwplayer.com/v2/media/{media_id}/drm/{policy_id}

  1. Sign the content URL by appending a JWT signature. We strongly recommend using a proxy service to generate JSON web tokens (JWTs). If you generate JWTs within client-side JavaScript or a native app, you risk exposing your API secret. 
    https://cdn.jwplayer.com/v2/media/{media_id}/drm/{policy_id}?token={token}

  1. Pass the content URL to a player or implementation.

Sample Code

The following code sample can be used as the foundation for your DRM implementation.

"""
This script demonstrates how to generate a signed URL for requesting DRM assets from the JW Delivery API. 
It takes three arguments, a Media ID, a DRM Policy ID, and the V1 API secret (available in the 
API Credentials area of your JW Dashboard) for your DRM-enabled property. The signed URL will be 
printed to your terminal.

Usage

1.) Create and activate a Python virtual environment:
    - $ python3 -m venv venv
    - $ source venv/bin/activate
2.) Install `jose`, a JWT library
    - $ pip3 install python-jose
3.) Run script.
    - $ python3 jw_drm.py {media_id} {drm_policy_id} {v1_api_property_secret}
"""

import argparse
import json
import math
import time
from urllib.parse import urlparse

from jose import jwt

def generate_jwt_token(path: str, api_secret: str):
    """
    Generates JWT token for given request path
    """
    # Generate epoch timestamp of now + 1 hour for link expiration. 
    exp = math.ceil((time.time() + 3600))
    params = {"resource": path, "exp": exp, }
    return jwt.encode(params, api_secret, algorithm="HS256")

def generate_signed_drm_url(media_id: str, drm_policy_id: str, api_secret: str):
    """
    Generates a signed URL which can be used to fetch a DRM-protected media asset
    """
    path = f"/v2/media/{media_id}/drm/{drm_policy_id}"
    token = generate_jwt_token(path, api_secret)
    return f"https://cdn.jwplayer.com{path}?token={token}"

if __name__ == "__main__":
    parser = argparse.ArgumentParser()
    parser.add_argument("media_id", help="Media ID to request")
    parser.add_argument("drm_policy_id", help="DRM Policy settings to apply to session")
    parser.add_argument("api_secret", help="V1 API Secret for DRM-enabled property")
    args = parser.parse_args()
    signed_drm_url = generate_signed_drm_url(args.media_id, args.drm_policy_id, args.api_secret)
    print(signed_drm_url)

Updated 6 days ago