Skip to main content
If your key server requires authentication, provide the keyServerAuth callback. The player calls it before every key request and attaches the returned token as a Bearer header.

Basic setup

The callback is async, so you can fetch or refresh tokens before returning:

How it works

  1. The player encounters an EXT-X-KEY tag in the manifest
  2. Before fetching the key, it calls your keyServerAuth() function
  3. The returned string is sent as Authorization: Bearer <token>
  4. If the key server returns 401 or 403, the player emits a KEY_AUTH_FAILED error

Error handling

Never log the token returned by keyServerAuth. The player does not include tokens in error messages or metrics.