[Invalid value v16XXXX for parameter type] - How to access private media .m3u8 with token

smk

I am trying to access private media https://res.cloudinary.com/demo/…/Cloudinary_Car.m3u8 with token: below example

https://res.cloudinary.com/demo/video/upload/sp_auto/pg_2/v1656585800//Cloudinary_Car.m3u8?cld_token=exp=1733355248~acl=*~hmac=XXXXXX

But getting 401 unauthorized error

Error : Invalid value v1656585800 for parameter type.

Token is valid bcoz I can access .mov media with same/similar token that I generate with url

What am I missing here, how to pass token along with .m3u8 request using cloudinarydontnet

johnr

Hi @smk,

I noticed you are testing using Cloudinary's demo environment.

As each product environment has their own authentication token, it is not possible for you to generate a token based URL for the demo environment. You can read more about token-based access here: https://cloudinary.com/documentation/control_access_to_media#token_based_access_premium_feature

You will have to test this in your own account. Can you please raise a support request here for us to help you better?

Thanks!

smk

Hi @johnr

I am actually testing our own environment. i just don't want to expose my original endpoint so just put it in this way:) (https://res.cloudinary.com/demo/video/upload/sp_auto/pg_2/v1656585800/).

I'm generating token with my own url ends with .m3u8, throwing 401

but when I request .mov with token it works!

johnr

Thanks for the information!

Token-based URLs work great with single-file formats like .mov or .mp4 because the entire URL is signed as a single delivery. However, with m3u8 files (HLS streaming), it's a bit different. These files are delivered as multiple chunks based on the manifest, with each chunk being a separate request. Hope this makes sense.

There is another solution. The delivery needs to be via a customer's own hostname when using token auth (so, the token is sent in a cookie instead of the URL parameters). But this requires us to analyze your usage and is only available for paid plans.

Hope this information helps. If you want to discuss further about the options please feel free to contact support.

smk

Well i figured that token issue, now .m3u8 success and subsequent request fails (401) without token.

Is there any way we can configure token for subsequent calls or I need to setup that in client video handler itself ? Any suggestion please ..

Thanks!

johnr

Hi, the video player alone cannot handle this. You can follow this document for creating cookie-based authentication URLs:

https://cloudinary.com/documentation/control_access_to_media#cookie_based_access_premium_feature

Let me know if this helps. If this still fails, please create a support request so that we can check if your account can be configured to use token-based authentication for m3u8 delivery.

smk

Hi @johnr

I have create cookie-based authentication URLs for .m3u8 and got the response and I'm passing the same token to the subsequent .ts URLs and it's throwing 401. Should generate new token for each subsequent .ts requests or is there any way we can configure token-based authentication for m3u8 delivery as you mentioned above(I can create support ticket) ? if that is configurable then i don't have to generate token for each request and it makes process much easier.

johnr

Hi @smk,

You can make it work by creating your own manifests that include the signed URLs and delivering those instead of the manifests that we generate automatically: https://cloudinary.com/documentation/adaptive_bitrate_streaming#manually_creating_representations_and_master_files

As discussed earlier, there is a way we can configure the environment. However, we need more details about your usage to see if this is something we can implement for you. You can link this discussion to provide more context to the support team in case I'm not around to handle it.

Thanks!