Widevine Modular Content Protection
Ooyala provides support for Widevine Modular to meet the content protection requirements for high-quality content online in on-demand and live streaming formats. Widevine’s multi-platform DRM provides the capability to license, securely distribute and protect playback of multimedia content on any consumer device. Content owners and digital media providers can use Widevine’s solutions to ensure revenue generating services keep flowing to whatever device consumers desire.
To give you the capacity to protect your content using Ooyala and Widevine, you need to understand how Widevine works and how to use Widevine with your Android or Connected TV device. This document describes how to do this.
Widevine Modular is part of a set of comprehensive content protection features that work together to provide you with the ability to secure your content. These features include:
- User Authentication through token-based options such as the Ooyala Player Token. For information about setting up and using this feature, see Ooyala Player Token.
- Content Authorization through mechanisms such as Widevine. Information about Widevine is provided in this document.
- Authorization API which is a mechanism that handles all authorization requests. For more information about the Authorization API, see Player Authorization API for Player V4.
Supported Platforms and FormatsIf you want to have content that is DRM-protected with Widevine, you need to use the supported platforms formats appropriate for Android Apps, and Connected TVs.
|Mozilla Firefox 47+||MPEG-DASH||CENC|
Ooyala and Widevine DRM Workflow
Customers who want Widevine need to work with Ooyala Customer Success Managers or professional services to enable Widevine Modular support. When you use Ooyala’s Widevine server, the licenses exist in the Widevine cloud.
With the implementation of Widevine DRM, each content viewer needs an individual license as the content is encrypted and is useless without license. Widevine does not perform the encryption, content from the CDN is already encrypted. Widevine just provides a secure cloud for license key storage and retrieval.
If you want to integrate with Widevine, you need to understand how securing your content works with the various parts of the Ooyala content protection features. The following diagram illustrates how Widevine is related to the Ooyala Player Token (an optional but recommended user authentication feature) and the Ooyala Authorization API that handles the user authentication requests.
Widevine Content Protection Workflow
The following table describes the workflow steps for using Widevine for content protection.
|Step||Action||Responsible Party||Additional Documentation|
|1.||The video player App, authenticates the user against the content provider.||App developers and content provider’s services||Ooyala Player Token|
|2.||The content provider provides an Ooyala Player Token to the app that indicates the authentication status of the user.||App developers and content provider’s services||Ooyala Player Token|
|3.||The video app makes an authorization request to Ooyala that includes the Ooyala Player Token.||App developers||Ooyala Player Token and Player Authorization API for Player V4|
|4.||Ooyala's authorization request returns a stream url and the authorization cookie.||App developers||Player Authorization API for Player V4|
|5.||Device native playback components will contact Ooyala for DRM licenses.||Ooyala|
|6.||Ooyala provides the license to playback DRM content.||Ooyala|
Using Widevine with Ooyala SDK-based AppsTo use Widevine with our Android player, you need to download and use our native SDKs to create the client-side pages. To download the Ooyala Android SDK, go to Ooyala Downloads. To learn about implementing Android, see Mobile SDK for Android . That’s all you need, as once you have the Widevine Modular feature enabled, the Ooyala SDK-based apps should work seamlessly with Widevine.
Using Widevine with Connected TVsIf you want to use Widevine with connected TVs, you need to:
- Implement Widevine Modular in accordance with the device specific SDKs. You pre-configure your device SDK and Widevine setup according to the SDK instructions.
- Initialize Widevine and the device SDK in the SDK-specific language (this will vary from device to device). Set up your app in accordance with the applicable platform programming guide.
- You will make a call to the Authorization API (this is a JSON RESTful API call).
- You will make the call to get the Widevine URL or stream data.
- You need to map the elements of the retrieved URL to the corresponding values of the Widevine fields. Plug in the values described below.
|For this segment...||Provide...|
|video url||the stream URL|
|portal, provider, or owner id||ooyala|
|device id||optional, unique identifier for the device, you generate the id|
When using Widevine Modular, the device_id that is cached in the browser might get removed in the following situations:
- clearing the browser privacy settings/history/cache
- uninstalling or reinstalling the browser
Device registration will fail if the device limit is exceeded because the same device would then have a new device_id and be tracked as a new device, see Device Registration API.