We constantly get questions around how a player could pass token to our key delivery services, which will get verified and the player obtains the key. We support Simple Web Token (SWT) and JSON Web Token (JWT) these two token formats. Token authentication could be applied to any type of key – regardless you are doing Common Encryption or AES envelope encryption in the system.
Here are four ways you could pass the token with your player, depends on the player and platform you are targeting:
1.Through the HTTP Authorization header.
Note that the “Bearer “ prefix is expected per the OAuth 2.0 specs. Read More