Security token intro
Publisher: Psychz Networks, January 25,2021Intro
Security tokens or URL tokens are a way to give users access permission for various Web resources. Secure Token offers protection by limiting access to the desired URL and its content from unauthorized requests. It helps to make a link to your content temporary or restrict access to the content by an IP address.
The feature provides additional protection by including a specific hashed string in the URL of the assets users are requesting. URLs are secured by adding special character sets to every link. These characters are codes that store a directive defining the link's availability (time to live) and the IP address that can access it. This code is known as a secure token. When a user follows the link, our CDN processes this request and decrypts the secure Token. The CDN will deny access to the requested content if it finds the link is expired or the access requesting IP address does not match.
How it works
The Security Token module verifies a requested resource's validity by comparing an encoded string in the URL of the HTTP request with the string it computes. If a link has a limited lifetime and the time has expired, the link is considered outdated and no longer valid.
The following diagram explains how a security token works in a real-time environment.
Using our dashboard system, you can generate a Secret Key (MD5 based encryption), which you can incorporate and create your own Security Token using a PHP or Python script.
A sample security token looks like
Token Parameters
You can restrict access to your content based on an IP address, but it is optional. If you like, you can make the content accessible from all IP addresses. You can provide the path at the start of the link followed by MD5, which produces a 128-bit hash value and expiration time to ensure that the token is active for a desired period only.
The following is a sample code in PHP that you create by incorporating the secret key you can generate using the dashboard.
// Generate the URL
$url = "https://$base_url{$locationpath}?md5={$token}";
}
return $url;
}Secure tokens are created and added to links on your site. Configuring the site is easy — you just need to add a script. For your convenience, we have ready templates in PHP and Python, which you can use to generate Secure tokens. Please refer to the following articles
For PHP: https://www.psychz.net/client/kb/en/secure-token-integration-for-php.html
For Python: https://www.psychz.net/client/kb/en/secure-token-integration-for-python.html
To know how to add security token, please visit the following article Add Security Token.