Authentication¶
All Video Toolkit users are managed in a DRMtoday Merchant Account. The DRMtoday Central Authentication System DRMtoday CAS (Central Authentication System) is used for authentication of VTK-API calls and user interaction. Please find more information if needed in the DRMtoday documentation.
User Accounts¶
DRMtoday provides two different user account types which must be maintained by the Superuser of your Organization.
API¶
Example: castlabs::vtk
Based on Organization ID and Password. API accounts can be restricted to access only certain interfaces and tasks to harden security.
User¶
Example: user@castlabs.com
Based on EMail Address and Password. To be used for administrative tasks on the Video Toolkit user interface only.
Hosts¶
VTK Production https://vtk.castlabs.com
VTK Staging https://vtks.castlabs.com
To authenticate a VTK API call to execute a job (i.e. castlabs::test) there are always two steps: "Login" and "Ticket retrieval", each consisting of a POST request.
Authentication Example using cURL:¶
export DRMTODAY_PASSWORD="your DRMToday password"
export DRMTODAY_USERNAME="{{ user.username }}"
export CAS_TICKETS_URL="{{ settings.CAS_SERVER_URL }}v1/tickets"
export APP_URL="https://{{ settings.HOSTNAME }}/api/"
requests are made to the CAS system to get the ticket:
export CREDENTIALS="username=$DRMTODAY_USERNAME&password=$DRMTODAY_PASSWORD"
export TICKET_LOCATION=`curl -v -X POST -H content-type:application/x-www-form-urlencoded -d $CREDENTIALS $CAS_TICKETS_URL 2>&1 | grep -Eo 'location: [a-zA-Z0-9\:;\/\.%&\-]*' | awk '{printf $2}'`
export CAS_TICKET=`curl -v -X POST -H content-type:application/x-www-form-urlencoded -d "service=$APP_URL" $TICKET_LOCATION`
from now on, use the value of $CAS_TICKET to authenticate requests to the VideoToolkit API. A very simple method to confirm whether everything is working is to execute:
curl -v -H "Authorization: Ticket $CAS_TICKET" -H content-type:application/json $APP_URL
If this call returns 200 OK you are now authorized to do actual requests.