Skip to main content

The upload() function

upload() takes three arguments: segments, a manifest string, and options.
keyServerUrl must include the /keys path — e.g., https://your-worker.workers.dev/keys, not just the base URL. The uploader appends /:contentId when fetching the content key.

What happens internally

Preparing segments

The uploader expects pre-segmented HLS content.ts segment files and a .m3u8 manifest. It does not convert raw video to HLS. Server-side (ffmpeg):
Reading files from a browser <input>:
Pass the original, unmodified manifest to upload(). The uploader rewrites it internally — adding EXT-X-KEY tags that point to your key server.

SegmentInput format

Verify playback

After uploading, verify the content plays back correctly using the Player:
The player fetches the same content key from the same key server and decrypts the segments you just uploaded. This closes the loop: upload → store → play.

Authentication

The auth callback is called twice:
  1. Key fetch: The uploader sends Authorization: Bearer <token> when fetching the content key
  2. Presign requests: The uploader sends the same header when requesting presigned URLs
Make sure your auth token is valid for both the key server and presign endpoints. If they use different auth, you’ll need to configure auth at the transport level.