Course Content

Total learning: 7 lessons Time: 10 weeks

Using POST and Ticketed Authentication

Up until this point, only the GET verb has been used when connecting to the server. This is the safest way to work with an API as there is less risk of changing something and causing a problem. Anytime you are doing a POST, PATCH, PUT, or DELETE there is a risk that you could change something that you don’t want to. So use caution whenever doing these other methods.

One of the most common reasons to go beyond the GET methods with the Mediasite API is to create a playback ticket. A playback ticket is a way to give someone a special URL that will bypass authentication for that user. This will allow them to access a specific presentation or collection, and track their usage based on a username that was given when the ticket was requested. This can be useful when building integrations with pay per view systems or certification tracking tools.

Typically, in these setups, the web server of the third-party system or integration would request a ticket from the Mediasite API on behalf of the user that is using that system. When the Mediasite API returns with a ticket, the ticket is appended to the end of the playback URL for the presentation or collection and then delivered to the end user to use. This usually would happen just in time and the user would follow the link shortly after the ticket creation. However, in this example, we will generate a long lasting ticket for testing.

Ticketed Authentication Example

  1. Find a Presentation or Collection that requires authentication to view in the Management Portal.
  2. Get the ID of the Mediasite resource from the address bar, e.g. 123456dc92864e77bccc2803605f9fef1d.
  3. In Hoppscotch, create a new Request with Method of POST and endpoint URL of /AuthorizationTickets
    Select “Raw input”
  4. In the Raw Request Body, enter the following:
    • {“ResourceId”:”917af0d7-13ce-43f4-b2bc-20b7a700c6b2″, (Presentation or Collection ID)
    • “Username”:”UsernameYouWantToTrack”, (username you want to track)
    • “MinutesToLive”:”300″ (How long you want the ticket should be valid)}
  5. Send that POST, and then you will get a response that will include a TicketID.
  6. From the response, copy the TicketID, then place it at the end of the playback URL for the presentation/that you sent to the user who does not have a login to view the presentation/catalog. It will look like this:

https://SERVER/Mediasite/Play/917af0d713ce43f4b2bc20b7a700c6b21d?AuthTicket= 82a3c7ab23304cbf970ca244723092b5

You could test launching that URL in an private browser window that is not logged into Mediasite, and it should automatically let you view the presentation with the ticket, and track your username as listed as long as the ticket did not expire.

Was this Information helpful?