Pricing Blog Docs
components

Hotlink protection

Just as our upload component the protected player requires a JWT (JSON Web Token) using your API key. While the following example demonstrates the usage in a node.js environment, JWT is widely supported across various languages and frameworks.

<mave-player embed="{embed id}" token="{token}"></mave-player>

Your space id can be found in settings: developers and the collection id can be found on the page of the collection itself, underneath the title.

// server
const jwt = require("jsonwebtoken");

const token = jwt.sign(
  {
    sub: "XD9HPRtkDDmENLeVy9ripU", // space, collection or embed can be specified
    exp: 1680795697, // how long the player should work
  },
  "SHJmNHhXNnFublZXajNCNllYUmhoTTpUVDRqZ3ZqYWJtOEtVbmNFb2h2d1RY" // API key
);

Allowing to play without an exp means this player component will always (until you revoke your API key) be valid. We highly recommend using an appropriate exp to prevent abuse.

Note: to enabled the protected player, the setting Hotlink protection should be enabled.
🍪 Press 'Accept' to confirm that you accept we don't use cookies. Yes, this banner is just for show!
Accept