CPIX Claims
The CPIX service implements the DASH-IF CPIX 2.3 protocol. It provides the ability to create new content objects and request encryption keys under the content.
CPIX Service Claims
The following claims apply to CPIX service JWTs.
"aud" (Audience) claim
Required. The "aud" (Audience) claim identifies the recipients that the JWT is intended for. It MUST be set to the value "urn:verimatrix:cpix" or “urn:verimatrix:cpix:2”. For more information, refer to CPIX Document Encryption.
This claim must be present in the payload of the JWT. The purpose of the key in the Verimatrix portal must match the audience.
"sub" (Subject) claim
Required. The "sub" (Subject) claim identifies the content. It must match the value used for the identifier when the keys are requested.
The subject is validated against the "id" passed within the CPIX document. It allows a token to be issued that can only be used to request keys for a particular resource. If the subject is not passed, then the token can be used to request keys for any resource.
"iat" (Issued At) claim
Required. The "iat" (Issued At) claim indicates when the JWT was issued. For CPIX requests, the maximum lifespan is 30 minutes, ±5 seconds of clock skew.
The "iat" claim must be present in the payload of the JWT.
Updated over 1 year ago