Try Live Demo

In Ant Media Server, there are numerous Security options for Publishing and Playing Streams. We’ve introduced another one, Webhook Authentication for Stream Publishing, in version 2.4 and higher.

Whenever the stream initiates, Ant Media Server just calls your webhook URL and sends the HTTP request to see if it accepts this stream. Ant Media Server also sends the stream ID, which you may check on your end to see if it’s valid or not.

As a result, if your Webhook URL returns status code 200, Ant Media Server accepts the stream. If it returns something else, Ant Media Server does not accept the stream.

When to use Webhook Authentication

You can use Webhook Authentication for Stream Publishing if you don’t know the stream id in advance and don’t want to validate it with tokens, and you have all of the stream ids on your application servers. Both WebRTC and RTMP streams can be ingested with Webhook Authentication.

How to enable Webhook Authentication

To enable this feature, first, you need to add the below-mentioned setting in <AMS_DIR>/webapps/<AppName>/WEB-INF/red5-web.properties.

settings.webhookAuthenticateURL=your-webhook-URL

After making the changes, just restart the server.

To try this feature and receive your own webhook URL, go to this webhook site. The response code will always be 200 by default when you send a request to that site correctly. Let’s try publishing a stream as an example.

Sample webhook URL from webhook site is added in settings file as follows.

settings.webhookAuthenticateURL=https://webhook.site/23fd2ec9-8ecc-46fb-8144-65009c3aacbc

After this, when an RTMP/WebRTC stream initiates to publish, it will trigger the webhook URL and sends the request like below.

Webhook request1 1

If the response is 200, the stream can be published with the following logs.

INFO i.a.s.AcceptOnlyStreamsWithWebhook - Response from webhook is: 200 for stream:stream1
INFO i.a.e.w.WebSocketEnterpriseHandler - Is publish allowed through Webhook Authentication: true

By selecting the Edit option from the webhook site’s menu, you may now modify the response code. Change it to 300, as an example.
Please try publishing the stream again, however, because the response will be 300 this time, it will not be allowed to be published on the server with the logs below.

INFO i.a.s.AcceptOnlyStreamsWithWebhook - Response from webhook is: 300 for stream:stream1
WARN i.a.s.AcceptOnlyStreamsWithWebhook - Connection object is null for stream1
INFO i.a.e.w.WebSocketEnterpriseHandler - Is publish allowed through Webhook Authentication: false

For more details about using webhook in Ant Media Server, please check webhook documentation.

Categories: Tutorial

Yash Tandon

Yash is a experienced Technical Support Engineer at Ant Media with a robust background in troubleshooting and optimizing technical systems. Proficient in a diverse array of technologies, including AWS, Docker, Kubernetes, Python and Shell scripting, Selenium, etc. Additionally, well-versed in media technologies such as RTMP, HLS, VOD, WebRTC, and Live Streaming tools.