Generate tokens for authorization

After creating a service access key for a CPIX or DRM service, you must use it to create an authorization token for the service. The token is a JSON Web Token (JWT) that contains your service access key ID, issuer, and other identifiers. Every HTTP request to a Multi-DRM service must include a valid authorization token in the header or the request will be denied.

You must create your tokens outside the Verimatrix Secure Platform. For detailed information on how to construct a token, refer to PROD-7310 Token Authentication Specification.

Online tools for creating and reading tokens:

• Token dev
• JWT

Tokens must be sent to the CPIX service when encrypting content.

Once authenticated, the CPIX service controls the encryption of the content that clients will eventually request during playback. Likewise, client devices must send tokens to the appropriate Verimatrix service endpoint with license information needed for playback.

It is the operator's or device application's responsibility to integrate with middleware for entitlement information when generating tokens. For a reference to assist you with this integration, contact Verimatrix.