Control Panel — API Documentation



This API creates a SEVU ticket. This ticket allows a user to view a protected video. This system allows you to restrict access to a specific video or subset of videos, to a specific IP address, timeframe and usage count.

Example Code (PHP)

    $request = array(
        'command' => 'sevu.request',
        'api_key' => 'APX4GKLM0RKQLSP2FBO1ROPKSSW47DZE',
        'timestamp' => time(),
        'cdn' => 158,
        'app' => 'demo-origin',
        'video' => 'mystream',
        'pass' => 'unique_random_string_per_request',
        'ip' => '',
        'uses' => 5,
        'expire' => '2024-07-19 23:22:40',
        //Create request signature
    $json_request = json_encode($request);
    $sig = base64_encode(hash_hmac('sha256', $json_request,
        '8fc8c48da81e6a2a06a9556379bf798af508dc0792497c678b4c3532ba8b637f', true));
    $request['signature'] = $sig;
    $json_request = json_encode($request);
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, ''); // Set the URL
    curl_setopt($ch, CURLOPT_POST, true); // Perform a POST
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // If not set, curl prints output to the browser
    curl_setopt($ch, CURLOPT_HEADER, false); // If set, curl returns headers as part of the data stream
    curl_setopt($ch, CURLOPT_POSTFIELDS, array('json' => $json_request)); //'Json' string or 'PHP' serialized return
    //If your PHP host does not have a proper SSL certificate bundle, you will need to turn off SSL Certificate Verification
    //This is dangerous, and should only be done temporarily until a proper certificate bundle can be installed
    //curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); // Turns off verification of the SSL certificate.
    //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Turns off verification of the SSL certificate.
    $response = curl_exec($ch); //Execute the API Call
    if (!$response) {
        die('Failed to connect to ScaleEngine API');
    //Decode the response as an associative array 
    $arrResponse = json_decode($response, true); 
    if ($arrResponse) {
        //Operation completed successfully
        //TODO Add work here
    } else {
        //Operation failed
        echo 'An error occured processing your request:';
    echo "?key={$arrResponse[ticket][key]}&pass={$arrResponse[ticket][pass]}";

Request Fields

command [REQUIRED] [string] - API command to execute
cdn [REQUIRED] [int] - The ScaleEngine CDN ID of your account
api_key [REQUIRED] [string] - The API key provided as part of your account
timestamp [REQUIRED] [int] - The unix timestamp of your request, used to prevent authenticated API requests from being replayed
  • [string] - The ScaleEngine Application name to restrict viewing to
  • [string] - A pipe separated list of applications, optionally with wildcards.
    Example: myapp-vod|otherapp-*
video [REQUIRED]
  • [string] - The stream name or path of the VOD video the user is restricted to. VOD examples look like like: sestore3/username/path/filename.mp4
  • [string] - One of more stream name or VOD path separated by a pipe, optionally with wildcards. This allows for things like multi-bitrate streams or files, or allowing users access to a group of streams and videos.
    Example: mystream_* will match mystream_720p and mystream_360p.
    Example: file1.mp4|file2.mp4 will only allow the listed files to play
    Example: sestore3/username/set1/*|sestore3/username/set2/* will match any file in those directories
pass [REQUIRED] [string] - A randomly generated password. Should be unique for each request. Recommended length atleast 10 characters.
  • [string] - The IP address to allow access from
  • [string] - The CIDR mask of a range of IP addresses to allow access from.
    Example: allows any IP address
  • [string] - The literal string 'auto' or 'auto/24'. This will update the ticket the first time it is used to restrict it to the IP address of the user. This will prevent account sharing, while at the same time dealing with edge cases such as users behind corporate firewalls or proxies that may have a different IP address on the website than they will use to access the video stream
uses [REQUIRED] [int] - The number of times the video will be allowed to start. This can be used to restrict how many times a ticket may be used, and helps further protect against account sharing
expire [REQUIRED] [datetime] - The expiration date of the ticket. After this time, access will no longer be allowed, the user will require a new ticket.
Example: 2024-07-19 23:22:40

Example Result (JSON)

    "code": 2002,
    "message": "ScaleEngine Virtual Usher Ticket Granted",
    "status": "success",
    "ticket": {
        "key": "mystream.53ffc996dd39d5.39102367",
        "pass": "g63clVAI5wFPxY9vwVOJvw6L",
        "ip": "",
        "video": "mystream",
        "app": "myapp-sevu",
        "created_date": "2014-08-29 00:30:14",
        "used_date": "0000-00-00 00:00:00",
        "uses": "5",
        "active": "1"
    "handle_time":"0.3795 seconds"

Result Fields

code [int] - API Response Code
  • 2000 - ScaleEngine Virtual Usher Ticket failed to return newly created ticket information
  • 2001 - ScaleEngine Virtual Usher Ticket could not be created at this time
  • 2002 - ScaleEngine Virtual Usher Ticket Granted
  • 2003 - ScaleEngine Virtual Usher Ticket uses must be greater than 0
  • 2004 - ScaleEngine Virtual Usher Ticket expiry date must be a future date
message [string] - Debugging message
status [string] - "success" or "failure"
key [string] - The SEVU ticket. This is the string that combined with the password provided when the ticket was created allows a user access to a protected stream. Must be included in the server URL as the "key" parameter
pass [string] - The password provided by you when you requested the ticket. Must be included in the server URL as the "pass" parameter
ip [string] - The IP address provided in the request
video [string] - The video(s) or stream(s) that this ticket is valid for
app [string] - The application(s) that this ticket is valid for
created_date [datetime] - The datetime the ticket was created
used_date [datetime] - The datetime of the first time this ticket was used by a user
uses [int] - How many uses remain for this ticket, this number is decremented each time the ticket is used
active [bool] - 1 if the ticket is still active, 0 if it has been revoked
handle_time [float] - The amount of time spent processing your request