customerAuthenticator Customer authenticator as query parameter customerAuthenticator FairPlay
This is your customer API key, one each for your production and test environments. You can find this on the ExpressPlay Admin Dashboard tab.
Yes
errorFormat
Either html or json. If html (the default) an HTML representation of any errors is provided in the entity body of the response. If json is specified, a structured response in JSON format is returned. See JSON Errors for details. The mime type of the response is either text/uri-list on success, text/html for HTML error format, or application/json for JSON error format.
No
Table 4: License Query Parameters
Query Parameter
Description
Required?
generalFlags
A 4 byte hexadecimal string representing the license flags. ‘0000’ is the only allowed value.
No
kek
Key Encryption Key (KEK). Keys are stored encrypted with a KEK using a key wrapping algorithm (AES Key Wrap, RFC3394). If kek is supplied, either one of the kid or the ek parameters needs to be supplied, but not both.
No
kid
A 16 byte hexadecimal string representation of the content encryption key or a string '^somestring'. The length of the string followed by the '^' cannot be greater than 64 characters.
No
ek
A hex string representation of the encrypted content key.
No
contentKey
A 16 byte hexadecimal string representation of the content encryption key
Yes, unless the kek and ek or kid are provided.
iv
A 16 byte hexadecimal string representation of the content encryption IV
Yes
rentalDuration
Duration of the rental in seconds (default - 0)
No
fpExtension
A short form wrapping extensionType and extensionPayload, as a comma separated string. For example: […] &fpExtension=wudo,AAAAAA==&[…]
No, any number can be used
Table 5: Token Restriction Query Parameters
Query Parameter
Description
Required?
expirationTime
Expiration time of this token. This value MUST be a string in RFC 3339 date/time format in the ‘Z' zone designator ("Zulu time"), or an integer preceded by a '+' sign. An example of an RFC 3339 date/time is 2006-04-14T12:01:10Z .
If the value is a string in RFC 3339 date/time format, then it represents an absolute expiration date/time for the token. If the value is an integer preceded by a '+' sign, then it is interpreted as a relative number of seconds, from issuance, that the token is valid.
For example, +60 specifies one minute. The maximum and default (if not specified) token lifetime is 30 days.
No
Table 6: Correlation Query Parameters
Query Parameter
Description
Required?
cookie
An arbitrary string up to 32 characters long, carried in the token and logged by the token redemption server. This can be used to correlate log entries at the redemption server and those at the service provider’s servers.
No
Response
Table 7: HTTP Responses
HTTP Status Code
Description
Content-Type
Entity Body Contains
200 OK
No error.
text/uri-list
License acquisition URL + token
400 Bad Request
Invalid args
text/html or application/json
Error description
401 Unauthorized
Auth failed
text/html or application/json
Error description
404 Not found
Bad URL
text/html or application/json
Error description
50x Server Error
Server error
text/html or application/json
Error description
Table 8: Event Error Codes
Code
Description
-2002
Invalid token expiration time: <details>
-2003
Invalid IP address
-2005
Invalid content encryption key: <details>
-2008
Invalid output control flags specified: <details>
-2017
Authentication token must be supplied
-2018
Authentication token invalid: <details>
Note: This can happen if the authenticator is wrong or when accessing the test API at *.test.expressplay.com using the production authenticator and vice versa.
Note: The Test SDK and Advanced Test Tool (ATT) only work with *.test.expressplay.com , whereas production devices must use *.service.expressplay.com .
-2019
Insufficient tokens available
-2020
Missing rights type
-2021
Invalid rights type
-2022
Missing rental period end time
-2023
Missing rental play duration
-2025
Invalid rental play duration
-2027
Content encryption key must be 32-hexadecimal digits long
-2030
ExpressPlay Admin error: <details>
-2031
Service Account Disabled
-2033
Invalid cookie
-2034
Invalid Output Control, values out of specified range
-2035
No corresponding value specified
-2036
Extension type should be 4 characters
-2037
Extension payload should be Base64 encoded
-2040
OutputControlFlag must be encode 4 bytes
-3004
Invalid error format specified: <format>
-4001
Device could not be authenticated
-4010
Invalid token
-4018
Missing Kid
-4019
Failed to get content key from key storage service
