Lumen help

Adding a token‑authentication definition to a configuration

Use a token-authentication definition you will refer to in a token-authentication match rule.

 

When the client presents the URL to the CDN, the CDN creates its own version of the token using a shared secret and predefined token generation algorithm (sha1). If the client’s token matches the CDN calculated token, the client’s request is allowed to proceed and the requested content is returned to the client. If the client’s token doesn't match, the CDN returns either an HTTP 403 response or 302 temporary redirect.

  1. From the main menu, select My Services > Caching
My Service - Caching
  1. From the lists, select the access group and SCID (service component ID) you want to work with. 
My Services - Caching (with SCID selected)
  1. From the list, select the configuration. 

To add a token-authentication definition to a configuration:

  1. From an open configuration, click Edit Configuration.
my services caching edit configuration
  1. In the Service-Wide Definition section, click Token Authentication.

    Media portal lists the token-authentication definitions for the configuration (if any).
my services caching add configuration token authentication new definition
  1. Click New Definition.
my services caching add configuration token authentication new definition
  1. Type a name for the definition. (You can leave the auto-generated name or type a name more meaningful to you.)
  1. Add secret names (up to 10) to the definition:

    1. Above the Secret Name section, click Add.

    2. Type a secret name in the field.

    3. To add addtional secret names, repeat steps a and b.
  1. Add query parameters to include or exclude from the hash to the definition:

       

    1. Above the Query Parameter Name field, click Add.

    2. Type a query parameter name.

    3. To add addtional query parameter names, repeat steps a and b.
  1. From the Date Preference list, select your preference: EPOCH or GMT.
  1. From the Query Parameter Control list, select whether to include or exclude the query parameters you added.
  1. If you want to use a query string other than nva (not valid after), type it in the NVA Name field.
  1. If you want to use a query string other than nvb (not valid before), type it in the NVB Name field.
  1. If you want to use a query string other than hash, type it in the Hash field.
  1. If you need to edit or add other definitions, continue editing the configuration without saving. (Saving the configuration creates a new version.) When you're done editing the configuration, continue with step 13.
  1. Click Save (above the Service-Wide Definition section). You can also click Save As to save the configuration under a new name.
  1. If needed, make any notes to describe the changes you made.
  1. Click Save again.

    Media portal saves the configuration with the new definition.