Documentation Index
Fetch the complete documentation index at: https://docs.bunny.net/llms.txt
Use this file to discover all available pages before exploring further.
The Embed View Token Authentication allows you to secure your iframe to prevent unauthorized embedding of your videos.
Once enabled, every embed request to the iframe must include a valid token and expires pair. A 403 Forbidden on the iframe almost always means one of: the expires timestamp has already passed, the token was hashed with the wrong key/video ID/expiration combination, or the parameters are missing entirely. Generate tokens server-side — never expose your token security key in client-side code.
Signing procedure
To create a secure URL, you must add a token and expires query parameters to the URL that you want to access. The expires parameter is the UNIX timestamp in seconds marking until when the URL is accessible. Milliseconds and nanoseconds are not supported. After this passes, the URL will no longer be accessible.
The token parameter is a HEX value of the SHA256 hash based on the key, video ID and expiration time. To generate the token, you can use the following algorithm.
SHA256_HEX(token_security_key + video_id + expiration)
https://iframe.mediadelivery.net/embed/759/eb1c4f77-0cda-46be-b47d-1118ad7c2ffe?token=5a5de480db5d14ed30717a3e849c7148a998fa42b0c267774756558e2de99eee&expires=1456761770
https://video.bunnycdn.com/FairPlayLicense/759/eb1c4f77-0cda-46be-b47d-1118ad7c2ffe?token=5a5de480db5d14ed30717a3e849c7148a998fa42b0c267774756558e2de99eee&expires=1456761770
