Tutorial: The Customer Authenticator (NEW)

NOTE: We’ve recently updated our service. もっと詳しく知る

If we’ve not yet migrated you to the new service,
click here to see the Legacy Customer Authenticator Tutorial

The Customer Authenticator

This tutorial explains how to obtain the authentication parameter required in all calls to the ExpressPlay REST API.

The Customer Authenticator (API Key)

The ExpressPlay Service provides a rich REST API for generating content licenses for a variety of DRM systems. Access to the API requires an API key, which for legacy reasons is also known as the Customer Authenticator, is a unique and confidential value that must be specified in the customerAuthenticator parameter of each API call.

Authenticator Setup

After creating an account your will need to create an authenticator at https://portal.expressplay.com/apikeys. Please take note of the authenticator as you will no longer be able to access the value through the portal once it was created.

Concurrent Use

Multiple API Keys/Customer Authenticators can be generated through the admin portal, all of which can be used concurrently.

To generate an API Key/Customer Authenticators, log in to the ExpressPlay portal and click on the “API Keys” option from the left menu

Note that the API Key/Customer Authenticator value cannot be later recovered from the portal, so please copy the generated value. If the API Key/Customer Authenticators is lost simply create a new one.

Deleting API Keys / Customer Authenticators

In the case an API key/Customer Authenticator has been leaked it can be deleted through the admin portal.

Before expiring the API key/Customer Authenticators please alert any downstream Partners (e.g. Fastly, Swank) who the key may have been shared with.

A possible strategy to address a breach would be to create a new API key/Customer Authenticators immediately and expire the old key when the rollout has been completed.