Secure authentication + RTSP streaming to a custom mobile app (Nx Witness / Nx Server) — recommended approach?
Answered
Hi everyone,
I’m building a custom mobile app (iOS/Android) and I’d like to access live video from Nx Witness (Nx Server) in a secure way and play it inside my app—ideally via RTSP, or an officially recommended alternative (SDK/API/proxy).
I’m looking for best practices and the recommended workflow. My questions:
- Secure authentication for streaming
- Does Nx provide short-lived credentials / tokens (session token, auth token, etc.) that can be used to authorize access to a stream without storing the user’s password in the mobile app?
- Is it possible to generate a scoped token (limited to a specific camera/resource and time window) and revoke it?
- RTSP and user credentials
- If RTSP requires user/pass, what’s the recommended way to avoid embedding credentials in the RTSP URL or persisting them on the device?
- Does Nx support RTSP over TLS, SRTP, or any other way to encrypt the stream transport (or is RTSP expected to be inside a VPN / secure tunnel)?
- Recommended streaming method for mobile
- Is RTSP the recommended approach for custom mobile clients, or does Nx recommend using another mechanism (e.g., Mobile SDK, server proxy, Cloud/API endpoints, etc.)?
-
1.Secure authentication for streaming
Nx mediaserver supports session bearer token for accessing RTSP stream.
Please refer to this sample to get the detail of local mediaserver session token login.
You may also use the one-time ticket token.scope now is not supported by the session token issued by local mediaserver, as the resource or scope management should/could be done via the user-management.
2. The RTSP supports digest authentication and token session, you may choose one of them.
3. Nx mediaserver supports rtsps://
4. For your use case, and those desired feature, Nx Webrtc manager would be a possible solution to you. (https://github.com/networkoptix/web_packages/tree/develop/packages/webrtc-stream-manager)
Thanks.
0 -
I am interested in point 2 → how to use Session Token with RTSP?
additional question: how is playback of camera and archive images solved in your nx mobile application?0 -
Hi
I think you can start with study the authentication sample, and understand the API endpoints.
[UPDATE, the RTSP now works with HTTP Basic and HTTP digest)For question 2: It is RTSP, however, we do have something that only can be used internally for mediaserver to our proprietary clients.
At the moment, we may recommend webRTC instead, if you need to implement your own application via web or some time-sensitive use case.Thanks.
0 -
Hi,
From a performance perspective, does streaming video via WebRTC impose a higher load on the NX server than direct access to the same stream over RTSP?
I am particularly interested in differences in CPU usage, memory consumption, and network throughput on the server side.
0 -
The performance of the approaches on the Nx Server depends on multiple factors. Therefore, the question of whether streaming video via WebRTC imposes a higher load than accessing the same stream directly over RTSP cannot be answered with a simple one-to-one comparison.
The performance factors of these two approaches may need more input to have a possible comparision, and the actual load will depend on your specific environment and use case. As such, we are not able to provide a generalized or approximate estimation.
In general, both WebRTC and RTSP are supported and valid approaches. However, if the stream requires transcoding, the server load will increase significantly regardless of the protocol used.
At this stage, we recommend testing both approaches in your own environment. Based on the results and your specific requirements, you can then choose the option that best fits your use case.
Thanks for your understanding.
0 -
Hi Sebastian Heuchert,
Sorry, I have to correct myself.At the moment, the bearer token will be supporting by webRTC only.
For RTSP - HTTP Basic and HTTP Digest will be the supported approach so far on v6.1.0
Thanks for your understanding.
0
Please sign in to leave a comment.
Comments
6 comments