All Products
Search
Document Center

ApsaraVideo Live:Configure a stream ingest callback URL

Last Updated:Dec 26, 2023

ApsaraVideo Live allows you to configure a stream ingest callback URL and authenticate the callback URL. This helps prevent live streaming exceptions that are caused by unauthorized access. This topic describes how to configure a stream ingest callback URL and how to authenticate the callback URL.

Procedure

If you want to receive callback messages related to stream ingest, perform the following steps to configure a stream ingest callback URL and authenticate the callback URL.

Note

For more information about the callback logic and callback authentication, see Callback logic and Callback authentication.

  1. Log on to the ApsaraVideo Live console.
  2. In the left-side navigation pane, click Domains to go to the Domain Management page.
  3. Find the ingest domain that you want to configure and click Domain Settings in the Actions column.

  4. Choose Streaming Management > Basic Settings. On the page that appears, click the Stream Ingest Information tab.

  5. Click the Edit icon next to Callback URL. The Configure Callback URL dialog box appears.

    回调地址中文

  6. In the Configure Callback URL dialog box, configure the settings.

    1. Specify a stream ingest callback URL.

    2. Select whether to enable authentication for the callback URL.

      If you require authentication, turn on Authentication, specify Cryptographic Key, and then click OK.推流回调健全KEY

      If you do not require authentication, simply click OK.

      推流回调鉴权NO

Callback logic

Callback logic

  1. During stream ingest over Real-Time Messaging Protocol (RTMP), ApsaraVideo Live checks whether the stream ingest client closes the connection within 2 seconds after ApsaraVideo Live receives an OnPublish message. If the stream ingest client does not close the connection, ApsaraVideo Live sends a callback notification about the successful stream ingest.

  2. Assume that you have Ingest Domain A and Streaming Domain B that are associated with each other, and you configure regular stream pulling and triggered stream pulling for Streaming Domain B. If you want to receive callback notifications about the stream pulling status, configure stream ingest callbacks for Ingest Domain A. After the configuration, the same callback logic as the preceding applies to stream pulling under Streaming Domain B. By default, stream pulling is considered successful if the client does not close the connection within 2 seconds.

Note

We recommend that you issue the streaming URL after you confirm that the stream ingest or pulling is successful based on callback notifications and the response to your call of the DescribeLiveStreamsOnlineList operation.

Callback authentication

By default, authentication for stream ingest callbacks is disabled. You can enable the feature when you specify the stream ingest callback URL. After you enable the feature, the following authentication logic applies:

  1. When ApsaraVideo Live initiates a callback request, it includes the ALI-LIVE-TIMESTAMP and ALI-LIVE-SIGNATURE headers in the HTTP or HTTPS request so that the callback message receiving server can authenticate the signature. The value of ALI-LIVE-SIGNATURE is calculated based on the following formula:

    ALI-LIVE-SIGNATURE = MD5SUM (MD5CONTENT)

    MD5CONTENT = Domain name|ALI-LIVE-TIMESTAMP value|Cryptographic key

    Note

    Domain name is the ingest domain for which you configure the callback URL. Cryptographic key is the cryptographic key that you specify for the callback URL.

  2. After receiving a callback message, the callback message receiving server concatenates the domain name of the callback, value of the ALI-LIVE-TIMESTAMP header, and cryptographic key in the preceding format. The server calculates the MD5 value of the string to obtain an encrypted string. Then, the server compares the encrypted string with the value of the ALI-LIVE-SIGNATURE header in the HTTP or HTTPS request initiated by ApsaraVideo Live. If the two values are different, the request is invalid.