Skip to main content

Obtaining OTP using API

OTP are tokens generated using VdoCipher API which are required to authorize video playback. The OTP must always be generated on a back-end server. The generated OTP must then be sent to the website front-end. In the website front-end the OTP is used as part of the video embed code.

To generate the OTP you need to send an HTTP POST request to the API Endpoint, with the required OTP request Header and the optional OTP request Body. This article is specific to API Version v3.

API endpoint to retrieve OTP is{videoID}/otp

The authorization header containing the client secret key is to be appended to the OTP request. Refer to the OTP request body page for advance options that you can set as part of OTP request.

For valid requests the API server returns a JSON containing the otp and playbackInfo:

"playbackInfo": "z1y2x3w4v5u6t7s8r9q10"

You would need to send both otp and playbackInfo to your website front-end as part of the embed code.

Get OTP Sample Code​

The sample videoID is 1234567890 and the API Secret Key is a1b2c3d4e5. The time-to-live for OTP validity is set to 300s in the sample code. See the OTP Advanced Options section for details.

curl -X POST \ \
-H 'Accept: application/json' \
-H 'Authorization: Apisecret a1b2c3d4e5' \
-H 'Content-Type: application/json' \
-d '{