Skip to main content

Play the videos

You can implement the function that will retrieve the URL of the video securely in various server-side languages. The idea is to generate a unique hash using BCrypt, with a combination of API Key, API Secret Token and a timestamp.

To ensure a great level of security, the hash is valid between 5 minutes before to 10 minutes after its generation (we leave an interval to match for the difference that might exist between server times, but please make sure to synchronize it with NTP following these instructions)


We recommend using BCrypt.NET library (NuGet Package) / to implement the algorithm

CSHARPstring apiKey = "xxx-YourAPIkey-xxx";
string secretToken = "xxYourSecretTokenxx";
Int32 timestamp = (Int32)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds;
string apiSecret = apiKey" + secretToken + timestamp;
hashKey = BCrypt.Net.BCrypt.HashPassword(apiSecret, 10);


PHP >= 5.5 has built-in BCrypt library

$timestamp = gmdate('U');
$apiSecret = "YOUR API KEY" . "YOUR API TOKEN HERE" . $timestamp;
$hashKey = password_hash($apiSecret, PASSWORD_DEFAULT);


There are a few BCrypt libraries in npm as well, and we personally recommend the use of bcryptjs. You can install this through npm by running npm install bcryptjs --save from your project’s root directory. Here’s an example of how to use it in code.

JAVASCRIPTvar bcrypt = require('bcryptjs');

var timestamp = Math.floor( / 1000);
var apiSecret = "YOUR API KEY" + "YOUR API TOKEN HERE" + timestamp;
var hash = bcrypt.hashSync(apiSecret, 10);


There is only one major BCrypt library for Python. Install it by running pip install bcrypt. Here’s how to use it in your code.

PYTHON# first, import it
import bcrypt
import time

# seconds since GMT Epoch
timestamp = str(int(time.time()))
# hash and save the result
hashKey = bcrypt.hashpw(apiKey + secret + timestamp, bcrypt.gensalt(10))