/
API Calls
API CALLS AND RESPONSES FOR REMOTE AUTHENTICATION SERVER
The following API calls should be able to be run agains your remote authentication server, as their logic is used by the Round Trip Authentication Validator process.
Validate Credentials
Description
Invoked by the RoundTripValidator
to validate
a client of a given type (publisher/subscriber
) for a specified stream name.
REQUEST
- ENDPOINT:
validateCredentials
- METHOD:
POST
- DATA:
{
"username": "<username>",
"password": "<password>",
"token": "<token>",
"type": "<type>",
"streamID": "<stream-id>"
}
RESPONSE
- Success: HTTP CODE
200
- Data:
{
"result": "<boolean>",
"url": "<optional-arbitrary-url>"
}
result
contains a boolean value indicating whether client action is permitted or deniedurl
can be used to pass back an arbitrary URL to the authenticated client. The value fo theurl
attribute is stored on theIConnection
object by property namesignedURL
. The parameter can be accessed by the server-side code using the getStringAttribute method on theIConnection
object.
IConnection conn = Red5.getConnectionLocal();
String url = conn.getStringAttribute("signedURL");
Invalidate Credentials
Description
Invoked by the RoundTripValidator
to invalidate
a client of a given type (publisher/subscriber
) for a specified stream name. Invalidate can be used to revoke a user permission
or expire a token
.
REQUEST
- ENDPOINT:
invalidateCredentials
- METHOD:
POST
- DATA:
{
"username": "<username>",
"password": "<password>",
"token": "<token>",
"type": "<type>",
"streamID": "<stream-id>"
}
RESPONSE
- Success: HTTP CODE
200
- Data:
{
"result": "<boolean>"
}
result
contains a boolean value indicating whether client action is permitted or denied