Reputation: 7190
Authorizing asset on a user by user basis
Documentation is quite vague and everything related to this subject mostly points towards AAD.
The requirement I have is to be able to show a video only to users who have a specific permission. This can be as simple as having a claim in their JWT. Using AAD isn't an option so I was wondering if there is any other way I can achieve this.
The way I could imagine this work is that you can specify a claim that you want Azure Media Services to check that the incoming JWT has and then specify the token's AES key or provide a certificate if you choose to go with RS token encryption.
Upvotes: 2
Views: 63
Answers (1)
Reputation: 191
It is NOT required to use any specific token provider (such as Azure AD). You can definitely create your own JWT provider (so-called STS, Secure Token Service), using asymmetric key encryption. In your STS, you can add custom claims as desired based on your business logic.
Make sure the issuer, audience and claims all match up exactly between what is in JWT and the ContentKeyPolicyRestriction used in ContentKeyPolicy in Azure Media Services.
Upvotes: 3
Related Questions
- I need to connect to Azure Media Services with user authentication
- Azure Media Services and existing Storage Account
- Creating Media Service Credentials
- How do I disable a request for a user name in creating a Azure Media Services video asset using CloudMediaContext.Assets.Create
- Azure Media Services content protection using Azure Active Directory token
- Azure Media Services - Secure Asset
- Securing assets in Azure Media Services for mobile-only delivery
- Azure media services secure access
- Approach to secure access to azure media streaming
- Azure media service asset management