How NxWitness generate the auth key?
In ProgressWe are using this API endpoint:
https://meta.nxvms.com/doc/developers/api-tool/hls-deviceidm3u-get?search=hls
To get the auth key from the NxWitness.
However the issue that we face is that we receive 401 if we have requested two or more sequentially but in a short time frame.
For example, I request the key for device 1, then immediately request for device 2, one of them will return me the 401 response.
If I try again for the failed device, then the response is back to normal.
Our process is:
1. UI send request to our API ask for the latest authKey and HLS URL
2. Our API calls NxWitness API to request authKey and construct the URL return to UI
3. UI will directly calls that HLS URL to NxWitness
4. UI will receives 401 from NxWitness
I could not find relevant information for this and would like to have more info on the limitation to better limit our own software.
Thank you.
-
Hi Lim,
401 simply means you might not use the proper authentication.
Can you please elaborate the detail(as much as possible) to your implementation?
Basically, we need to know which API request to which URL with which authentication schema.
The more detail you sent we might understand your case more clearly so we can provide the proper suggestions if any
Thanks for your understanding.
-
Hi Ichiro, thank you for your reply.
What we have do in our steps is:
1. UI request to our API for the HLS URL.
2. Our API request to this NxWitness endpoint to get the url:
http://admin:xxx@192.168.1.1:7001/hls/01e705f1-b8ea-e7e3-299e-cbba42d98304.m3u?pos=2024-08-20T16:34:18.434Z3. After getting the auth key, our API will return the url to UI
4. UI will use the returned URL to call directly to the NxWitness to play the VOD:
http://192.168.1.1:7001/hls/01e705f1-b8ea-e7e3-299e-cbba42d98304.m3u?authKey=e4f529c[…]E0OQ==&pos=2024-08-20T16:34:18.434Z&chunked&sessionID=757&loThese 4 steps will repeat for every VOD request, the issue facing was when we switched the camera from 1 to another and request VOD, the second request will have the 401 response.
Below is the overall process:
UI(request camera 1) -> API (return url) -> UI (use URL to call) -> NxWitness (return OK)
~after 5 seconds~
UI(request camera 2) -> API (return url) -> UI (use URL to call) -> NxWitness (return 401) -
Hi Lim,
We don't support this HTTP Basic authentication, this security risk is too high.
You are asked to implement the Digest or Bearer Token (Oauth2) , and this is required and a mandatory approach.However, we now recommend Oauth mainly, please refer to this article : https://meta.nxvms.com/docs/developers/knowledgebase/324-authorizing-a-web-app
Also, the authKey might be different for each request, as a result, we kindly request you to change the implementation due to the new authentication schema and security consideration.
Thanks.
-
Hi Lim,
There is no need to have Internet for Oauth2 authentication. You can either send the authentication request (for valid token retrieve) to either cloud host or the mediaserver.
Please refer to this article in the knowledge base (which we highly recommend you can search the resources in KB first for any integration request), also, there are some code samples on the Nx Open GitHub repo.
Thanks,
Please sign in to leave a comment.
Comments
5 comments