We have a Vimeo Plus account with a large set of private, password protected videos and are building an internal application which will access a selection of these videos. So in this scenario we own the videos and the application which will access the videos. We would like to be able to embed and play the videos without entering the videos' password. Currently we are not able to find a way to achieve this using the API, is this possible?
the Vimeo API can only toggle your video's privacy settings, the API cannot grant playback to users outside of the privacy settings already provided. For example, you can use the API to set a video as password-protected and set the video's password, however you cannot use the API to authenticate and bypass password protection and allow playback.
Hope this helps!
Related
I'm scoping out a project with the Vimeo API in which a user uploads a protected video.
I see the API allows for uploading a video with a password via privacy.view.
However, Vimeo also has the ability to upload a video that's only sharable with a private link. I'm not seeing a reference in the API that indicates it's possible to create this via the API. Basically, a user would upload a private video and the API returns the "private link" for that video.
I was hoping someone with more expertise might be able to confirm.
This has been asked before but there is no definitive or clear answer, so I'm asking again.
I would like to embed vimeo videos on my own website, and enable playing those videos only to specific subscribed users only.
Is it possible to control the access? In a way of requesting a session token for a specific 'video play' and initialize the player with that token?
Looking through the developer docs, OAuth authentication and access tokens are mostly in relation with performing actions on the vimeo accout (upload, list, etc).
Does the vimeo player integration support API access control?
No.
The Vimeo API can only toggle a video's privacy settings, the API cannot grant playback to users outside of the privacy settings provided by Vimeo.
For example, the API can be used to set a video as password-protected and to set the video's password, however the API cannot be used to authenticate and bypass password protection and allow playback.
The privacy settings valid for a video's privacy.view and privacy.embed preferences are documented here: https://developer.vimeo.com/api/reference/videos#edit_video
An overview of video privacy settings on Vimeo can be found here: https://vimeo.zendesk.com/hc/en-us/articles/224817847-Privacy-settings-overview
We have a responsive web app (html5 + AngularJS) w/ an API (Web API, c#). Both the web app and api are hosted on Microsoft Azure and media files (images, files, videos, ...) are stored in Azure Blob Storage
The use case is the following:
1) User A uploads a video via the API
2) The API needs to fix the rotation of the video to avoid videos recorded in portrait mode to show stretched in full screen on Mobile Chrome in Android (Vertical Video Syndrome https://www.youtube.com/watch?v=Bt9zSfinwFA)
3) If User B has rights to access the video (not all users of the platform have), he should be able to stream the video
I was looking to use Azure Media Services (https://azure.microsoft.com/en-us/blog/advanced-encoding-features-in-azure-media-encoder/) to rotate the video and therefore implement step 2.
What would be the best way to implement 3, e.g, protect the content in order to ensure that only specific users of the platform have access to the video?
Thank you.
Answering your question at the end: 'What would be the best way to implement 3, e.g, protected the content in order to ensure that only specific users of the platform have access to the video?':
You have different options depending on the level of protection you require:
'hide' the video url in an area of your site which requires login with the right access to see it
use a token in the URL to control access to the video
use a DRM scheme to protect the video
The DRM approach is the most secure as it also protects you against the user copying or saving and redistributing the video.
As you are using Azure you might want to look at Azure's content protection - if you are using a different video hosting service they will usually have similar guidelines:
https://azure.microsoft.com/en-us/services/media-services/content-protection/
You can use Azure Media Services AES encryption to deliver encrypted adaptive bitrate streams using MPEG-DASH or HLS, and use JWT tokens to authenticate the user for access and decryption.
This is the same model that we use with Microsoft Stream (http://stream.microsoft.com). In the case of Stream, we use Azure Active Directory for authentication and JWT tokens.
There are a couple of sample blogs out there on the basics of how to do this.
http://gtrifonov.com/2015/01/03/jwt-token-authentication-in-azure-media-services-and-dynamic-encryption/
http://mingfeiy.com/how-client-pass-tokens-to-azure-media-services-key-delivery-services
I have a website that has a web page with a html5 video-tag, and the user can supply a URL, and it will play in the video-tag.
The webpage uses JavaScript commands that control the video-tag - for instance, it can pause the video, move to a different point in the video, etc.
It works fine with the cloud. Videos stored on Microsoft Azure can be used, for instance (Azure gives you a way to get a URL to any video on your cloud storage, and streams it too).
However, I have users that store videos on Google-drive, and also on Microsoft One-Drive.
From what I can see, I can play these videos, but only in a page (probably with Google's own player in it) on their site.
It seems that there is no way to get a URL to these videos that I can put in a video tag.
Without the ability to do that, I can't use the javascript commands that work with the html5 video-tag.
Is there any workaround?
Or am I missing something?
Thanks.
For playing videos that are stored in google-drive using your app:
you need oauth2 credentials to access the user's drive, but assuming you have the oauth part covered :
you can create a drive application as a google appengine app and deploy it in a part of your website.
enable the drive-sdk and set the open-url to your website (that you have verified)
-> basically this tells drive to redirect towards your website whenever the user clicks on the video (from his drive)
when drive redirects to your website a json file will be sent, you'll have informations such as fileId from there i think you can execute the method files().get() to retrieve the necessary information for you to play the video
I advise you to take a look at this course in codeschool.
I have created an vimeo app and idea is to upload video on different peoples account using the app if user gives upload access to the app. Now the problem is no matter what permission i set in my authorization link, app never gets upload access for other user, if i try to authorize the app with same user as app owner then only it get upload access. Is it something that vimeo wont let app to do or is there special tweaks.
By the way i am using oAuth 1.0 and i have vimeo pro account.
Regards
Vimeo upload permissions clarify which types of accounts can upload via your app.
Owner means only you
PRO means only pro users
Plus means only plus users
Basic means only basic users
You can have zero to all of these permissions, and you can verify them on your app page. It's likely that the third party users you are communicating with do not line up with your upload permissions.