CPIX Enhanced Security API

The CPIX V2.0 specification allows for any elements with an ID be to signed and verified. This feature allows packagers to sign the CPIX request as an alternate form of authentication. Both document signing and key encryption must be supported by packagers in order to remove the requirement for JWT authentication. The packager is expected to sign the CPIX document so that Streamkeeper DRM can authenticate the document following the XML Signature Syntax and Processing Version 1.1 specification. In turn, the Streamkeeper DRM signs the response so that the packager can verify the document.

For more information refer to:

Key encryption in the CPIX document
Digital signature