Authentication - TVU Public API Stage

TVU public HTTP API supports the following authentication methods.

1. Authorization: Bearer

Your bearer token is AppSecret, which is generated in Command Center -> Setting -> Access App -> Create an Access App with both API Function and BearerToken enabled. This 32-character-long string is composed only of numbers and lowercase letters, e.g. 1234567890abcdefghij123456789012.

Our APIs only allow users to access resources they have permission for. The owner of the AppSecret determines which resources the API can access and manage.

Currently, the approach is supported by MediaHub, TVUSearch, and the endpoint mma.tvunetworks.com.

2. HTTP request header `SID`

The owner of the SID(a.k.a Session ID) determines which resources the API can access and manage. `

This API can be used to obtain the session ID. Once retrieved, include this string as the value of the HTTP request header SID when making API calls. Please refer to the code example provided below:

This Javascript snippet can be directly used in Postman as a pre-request script to obtain SID.

// Set your email and password
var email = "YourAccount";
var password = "YourPassword";

// Use the CryptoJS library to calculate the SHA512 hash of the password
var hashedPassword = CryptoJS.SHA512(password).toString(CryptoJS.enc.Hex);

// Construct the request body
var requestBody = {
    "email": email,
    "password": hashedPassword,
    "expireTime": 360
};

// Send an asynchronous request to get the token
pm.sendRequest({
    url: 'https://userservice.tvunetworks.com/userAuth/token/getToken',
    method: 'POST',
    header: 'Content-Type:application/json',
    body: {
        mode: 'raw',
        raw: JSON.stringify(requestBody)
    }
}, function (err, response) {
    // Check for errors and response status code
    if (err || response.code !== 200) {
        console.error('Failed to get token:', err ? err : `Status code: ${response.code}`);
        return;
    }

    // Parse the response body and extract the token
    var responseData = response.json();
    if (responseData.errorCode === "0x0") {
        var token = responseData.result.token;
        // Store the token in an environment variable for subsequent requests
        pm.environment.set("SID", token);
        console.log('Successfully obtained token:', token);
        pm.request.headers.upsert({ key: 'SID', value: token });
    } else {
        console.error('Failed to get token:', responseData.errorInfo);
    }
});

3. HTTP request header `AccessKey`

Fields	Type	Description
appkey	string	TVU creates a pair of keys for API users, including AppKey and AppSecret
timestamp	string	in millisecond. Generating Signature needs it.
signature	string	Signature = MD5(AppSecret + Timestamp)
requestId	string	A random string of 32 characters, including numbers and uppercase and lowercase letters.

This Javascript snippet can be directly used in Postman as a pre-request script to obtain SID.

// a random string of 32 characters, including numbers and uppercase and lowercase letters.
function generateRequestId(length) {
    var result = '';
    var characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
    var charactersLength = characters.length;
    for (var i = 0; i < length; i++) {
        result += characters.charAt(Math.floor(Math.random() * charactersLength));
    }
    return result;
}

var appkey = "your_appkey_got_from_tvu_support";
var appsecret= "your_appsecret_got_from_tvu_support"
var account = "your_tvu_account"

var timestamp = Math.round(new Date().getTime())
var signature= CryptoJS.MD5(appsecret+timestamp).toString()
var requestId = generateRequestId(32);

var accesskey = {
    "requestId": requestId,
    "appkey": appkey,
    "timestamp": timestamp,
    "signature": signature
};

pm.collectionVariables.set("AccessKey", JSON.stringify(accesskey));

4. HTTP request header `Authorization`

The logic is the same as described in Method 2 on this page, except that it uses the Authorization request header instead of SID. This applies to endpoints under mma.tvunetworks.com.

5. HTTP request headers `appkey`/...

Fields	Type	Description
appkey	string	TVU creates a pair of keys for API users, including AppKey and AppSecret
timestamp	string	in millisecond. Generating Signature needs it.
signature	string	Signature = MD5(AppSecret + Timestamp)
requestId	string	A random string of 32 characters, including numbers and uppercase and lowercase letters.
account	string	your TVU account

This Javascript snippet can be directly used in Postman as a pre-request script to obtain SID.

// a random string of 32 characters, including numbers and uppercase and lowercase letters.
function generateRequestId(length) {
    var result = '';
    var characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
    var charactersLength = characters.length;
    for (var i = 0; i < length; i++) {
        result += characters.charAt(Math.floor(Math.random() * charactersLength));
    }
    return result;
}

var appkey = "your_appkey_got_from_tvu_support";
var appsecret= "your_appsecret_got_from_tvu_support"
var account = "your_tvu_account"

var timestamp = Math.round(new Date().getTime())
var signature= CryptoJS.MD5(appsecret+timestamp).toString()
var requestId = generateRequestId(32);

var accesskey = {
    "requestId": requestId,
    "appkey": appkey,
    "timestamp": timestamp,
    "signature": signature,
    "account": account
};

pm.collectionVariables.set("AccessKey", JSON.stringify(accesskey));

Authentication API

1. Authorization: Bearer#

2. HTTP request header SID#

3. HTTP request header AccessKey#

4. HTTP request header Authorization#

5. HTTP request headers appkey/...#

1. Authorization: Bearer

2. HTTP request header `SID`

3. HTTP request header `AccessKey`

4. HTTP request header `Authorization`

5. HTTP request headers `appkey`/...