Authentication overview

Authentication server

The Watch Together Authentication server has two parts, the first one is hosted in the Media Server Cluster (MSC), the customer enclave, and the second is hosted by you in your data center/cloud.
This architecture will allow you to apply and integrate your own logic for supplying valid token to the clients and apply your own security standards.

Authentication flow

In order to make requests to the MSC Authentication service, you require API _KEY and API_SECRET, both of which you get by logging in to your private area - Private area.
Authentication flow
Please note:
  • Tokens are only valid for a specific session and the JWT token describes the connection details
  • Tokens are generated only once and therefore need to be persisted on the CustomerAuthServer
  • For two clients to be able to connect to the same session the clients must have exactly the same JWT token

Customer authentication server

As we require that Clients will not directly request tokens from our Authentication service (CAS) we would like to suggest an authentication flow for your backend.
In this flow, we suggest a way to create a backend service that will be hosted on your side and will allow different clients to connect by sharing a TokenID.
Customer authentication server - suggested flow

Authentication API reference

Follow this link to see the Authentication API reference.

Support

Need technical support? contact us at [email protected].
Copy link
On this page
Authentication server
Authentication flow
Customer authentication server
Authentication API reference
Support