Build the best video experiences

APIs that enable you to delight your viewers

Manage videos using API, enable automatic video upload and get OTP for playback

Inject custom HTML in video player, change player design and add interactive features using Player API

Integrate VdoCipher SDK to your app with the help of our sample Android app and Maven Project

OTP-based Playback

Why You Need OTP for Secure Streaming

Non-secure video platforms enable video embed through iFrames. These iFrames however can be used by anybody to download or share the video.

VdoCipher uses a unique embed code per session to play videos. This embed code uses a short-lived access token, called an OTP. Our use of an OTP ensures that videos are authenticated in every session, so that only logged in paying users get to watch your premium content.

How to generate OTP

  • You can find the API secret key for your account by logging into the Dashboard -> Config tab.
  • To generate OTP, your site backend has to make HTTP POST request to API server using the API secret key.
  • Your site backend also has to generate PlaybackInfo by encoding videoID in base64 string
  • OTP and Playback Info are added to video embed code

Sample Code for HTTP POST request to API server with Secret key

$ curl -X POST -H
      'authorization: Apisecret _________'

Pseudocode to generate PlaybackInfo using Base64 encoding

let policy = base64_encode(json_stringify(
        videoId: "VIDEOID"

Integrating VdoCipher Embed Code

There are broadly two kinds of web applications - MVC apps and SPAs. VdoCipher integration for the respective use cases differ slightly.

MVC Applications

In Web Apps using Model-View-Controller Architecture the backend directly renders the web page. Prominent platforms using MVC architecture are PHP frameworks (Laravel, Yii), Python (Django), Ruby on Rails, and Jade Template Engine using Express

In MVC apps the OTP can be generated when the page itself is loading. You can pass the OTP and PlaybackInfo as parameters from Controller to View. With these parameters added to the embed code your video would be ready to play.

Single-Page Applications

Single Page Apps (SPA) load scripts and other assets only once per session. Data for each new page is served using JSON or XML. React and Angular are the most prominent platforms for building SPAs

In an SPA it is recommended to create an API endpoint which can authenticate the logged-in user and check their access to the requested videos. This endpoint will return the OTP and PlaybackInfo. The front end would handle the response and load the video.

Detailed reference for adding VdoCipher videos to your SPA can be found in the VdoCipher server API reference

Ready-to-Use Plugins

For popular Content Management Systems you will only need to install VdoCipher plugin. Our plugin handles the OTP and PlaybackInfo generation by itself, so that embedding videos to your website is easy and straightforward.

VdoCipher Support is always there for you

As you can see, adding security features to videos creates additional steps to your workflow beyond simply adding a single embed code.

We fully understand that there might be things that you would need our help for. Our support executives are available at all times to help you secure your encrypted videos to your site.

We are fully committed to providing you Hollywood-level DRM for your invaluable intellectual property, and to support you in creating your video-based business.

Check out our Secure Streaming features

Sign up for a free 30-day trial to get started