Contact Support | System Status
Page Contents

    Overview: Content Protection

    This document provides an overview of content protection available for the Brightcove Player.


    DRM (Digital Rights Management) protects your video content by encrypting the video data and unlocking it based on license policies. When the video content is loaded into a Brightcove Player, the player calls back to a licensing server and obtains permission to play the video. This transaction is transparent to viewers. See the Overview: Digital Rights Management (DRM) in Video Cloud document for more information.

    HLS encryption (HLSe)

    While not as secure as DRM, HLS encryption makes unauthorized viewing of your videos more difficult. See Protecting Videos with HLS Encryption for details on how HLSe works and how to get your account enabled.


    Geo-filtering can be used for content protection. See the Configuring Video Availability document for instructions on how to geo-filter your Video Cloud videos and the Geo-Filtering Messaging document on how to deal with geo-filtering errors in Brightcove Player.

    TTL (token authentication)

    If you are delivering premium or confidential content, you will be looking for all ways to ensure it remains secure. You do not want end users to be able to copy video URLs or continue to play back content without the proper authorization. Brightcove supports VOD signing of HLS, MP4, and DASH urls. Signing is supported for both Brightcove House and BYO CDN configurations with Akamai, Fastly, Cloudfront, and JOCDN.

    By default, TTL tokens have a very short life. You can increase the life if needed (for MRSS feeds and other use cases) by contacting Brightcove Support to have them set the token time-to-live value higher. The allowable range is one hour to one year. Remember that this is an account setting, however. Don't set the value so high that it might jeopardize the security of your other videos.

    Domain restrictions

    Domain restrictions can be set on players to limit the domains where players can be used. If the player publishing code is copied and used on another site, domain restrictions would prevent the player from loading any videos. Publishers must use the in-page embed code to actually get playback working on those domains that have been whitelisted. Publishers cannot use the iframe embed code on a whitelisted domain (or any other domain) and expect playback to function properly.

    See the Configuring Player Content Restrictions document for instructions on how to domain restrict your player and the Domain Restrictions Messaging document on how to deal with domain restriction errors in Brightcove Player.

    IP restrictions

    With IP restrictions, you can configure players to allow whitelisted IP addresses outside the U.S. to access your Video Cloud content. Please contact Customer Support for assistance. For players used outside of North America with IP restrictions, be sure to check out the information in the Restricting Video Playback Using IP Address to prevent issues that may arise.

    Page last updated on 07 Aug 2021