- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
Hello,
The access-contrtol-allow-origin header itself only allows a single domain as the origin or * as a wildcard to allow anything, so multiple origins are not allowed in the JWT token.
A common use case with playback authorization is to have the IVS Player embedded in a website so the access-control-allow-origin can be set to the domain of that site, and therefore only allowing playback sessions to originate from the one domain.
In a case where multiple origins are required, an example implementation would be to have logic in an application that can determine the origin of a request, verify that it's in a list of approved origins, then set that origin in the JWT payload before signing and returning the playback URL + access token.
Please let us know if we can provide additional information.
Contenuto pertinente
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 3 anni fa
- AWS UFFICIALEAggiornata un anno fa