Using .NET SDK to configure Widevine License delivery with Azure Media Services

This tutorial provides you a step by step guide to configure Widevine licence delivery and Widevine common encryption packaging with MPEG-DASH for streaming your asset. The sample code I provide here will also include PlayReady configuration. Thus, you can deliver a multi-DRM stream to reach multiple browsers. The code repository for this guide is posted here. Read more here

Configuring your content key via Keyseed

We often receive questions on how to configure content key via a key seed for PlayReady license services. However, Azure Media Services doesn’t store Key Seed into the system, here is why and how you could configure keys using a key seed even we don’t store it.

How Key Seed is being used?

Key seed is a very popular solution for years. When you statically encrypt your content for PlayReady, you could feed in your encryptor with Key ID and Key Seed. The encryptor will compute content key based on the key ID and Key Seed, and encrypt the content with this derived content key value. Key ID will be carried in the manifest. Key Seed will be stored with license server. Read more here

How to configure Widevine packaging with Azure Media Services

This blog is a follow up of our IBC announcement a few days ago for adding Widevine capability on the platform. Now you could either develop using .NET SDK 3.5.1 or Azure Media Services Explorer Tool to add Widevine header in a common encrypted DASH stream easily.

1. Update .NET SDK 3.5.1 or higher version into your project through Nuget.

2. I have uploaded a sample code project in Github for configure both PlayReady and Widevine packaging on a particular asset through Dynamic Encryption feature. In order to do this, you will need at least 1 Reserved Streaming unit configured on your media services account.

3. When you open this project, the first thing is to replace Account Name and Account Key in app.config file. Read more here

How client pass tokens to Azure Media Services Key delivery services

We constantly get questions around how a player could pass token to our key delivery services, which will get verified and the player obtains the key. We support Simple Web Token (SWT) and JSON Web Token (JWT) these two token formats. Token authentication could be applied to any type of key – regardless you are doing Common Encryption or AES envelope encryption in the system.

Here are four ways you could pass the token with your player, depends on the player and platform you are targeting:

1.Through the HTTP Authorization header.

Note that the “Bearer “ prefix is expected per the OAuth 2.0 specs. Read More

How to use API connector to deliver AES encrypted video

This blog demonstrates how to use API connector to deliver AES encrypted video with token authentication. Azure Media Services API connector allows you to stand up a web services with a set of simple APIs enabled, so you could upload, encode, encrypt and deliver a video content. The authentication mechanism for your API access are built-in.

API connector hosts the following set of APIs for you and these APIs are making calls to Azure Media Services REST APIs to perform corresponding actions. For instance, once you mark your video upload completed, AMS will start to encode video with multiple-bitrate 720P profile, configure the video to be AES 128 encrypted by supplying a content key and token authorization policy, lastly publish the video so you could get a streaming URL to stream your video. As you can see, we simply all these steps you need to do with AMS APIs to only one API call with API connector. Read more here

Setting up PlayReady encryption using Azure Media Explorer Tool

This blog shows you step-by-step, how you could set up PlayReady encryption using Azure Media Explorer Tool. This workflow assumes that you want to dynamically encrypt your multiple-bitrates file with PlayReady, and stream through Azure as well. If you are looking for a standalone PlayReady service to work with your on-premises encryptor or streaming server, please refer to my the other blog.

1. You could download Azure Media Explorer here. The source code is also hosted in this Github repository and it’s open source.

2. Open Azure Media Explorer, Enter account name and password to get connected to your media account. Account name and password can be found in Azure portal. Read more here

Easy way to debug for your PlayReady playback

This blog describes how you could easily get PlayReady encrypted stream playback error log through

1. Paste your streaming URL into “Stream URL” textbox and hit Play button.

2. Go to the “Logs” tab on the tab set on the Left.  Then hit the Save Logs button.

3. Save the Log zip file somewhere locally.

4. Open the zip file and the log file inside it.  Attached is an example. Read more here

How to debug for AES encrypted stream in Azure Media Services

Here is some tips to help you debug your stream while configuring AES dynamic encryption in Azure Media Services. Please leave your questions if you don’t find it covered below so I could add yours. I intend to introduce tools to help you easily diagnostic your problem, however, all these steps introduced below can be achieved using APIs as well.

Before going into any of the step below, please double check whether you have at least 1 streaming reserved unit configured. You will need that to proceed with dynamic encryption. The following picture shows the correct setting under Streaming Endpoint tab in your media account: Read More…

1 2 3 4 5 6 7  Scroll to top