OpenTV ENTera & OpenTV Platform Documentation
OpenTV ENTera & OpenTV Platform Documentation
Breadcrumbs

Content and Product Manager (CPM) API documentation: commercial v2

Important

Access and authentication information

There are three categories of API:

  • Client APIs – used by client applications

  • Operator APIs – used by operators

  • Admin APIs – used for communication between modules

The categorised lists of APIs are available in Service endpoint categories.

The subdomain used for API calls is different for each external-facing API category:

  • Client APIs use the api subdomain.

  • Operator APIs use the operator subdomain.

Both client and operator APIs require authentication – these are detailed in the Client APIs and Operator APIs sections below.

Client APIs

OpenTV Platform uses NGINX to ensure that only authenticated clients can use client-facing APIs. It expects the client to supply the token that it received at signon, as:

  • An authorization header with prefix in the value of Bearer,

  • A Client-token header,

  • A query string parameter in the URL, or

  • If the request is a POST, token in the post arguments.

For backward-compatibility, the older MediaLive Identity Token is still supported.

NGINX validates and decodes the token and passes it on to the module as a token in the header – which is why the following API documentation may refer to token rather than the options mentioned above.

Operator APIs

All operator APIs use Keycloak to authenticate the caller before requests can be made. This is explained in detail in Accessing operator APIs using Keycloak.

All PUT and POST calls to the Content and Product Manager (CPM) are validated by the Validation Service. If there is a problem with the data you are submitting, you will receive one of the following:

  • Error – the data is invalid, so the request fails.
    The error message will indicate which data is invalid and why.

  • Warning – there is an issue with the data that does not prevent it from being added/updated in CPM, but that you need to be aware of.
    For example, if a mandatory field has no value for a non-primary locale (but the same field for the primary locale does have a value), you will get a warning rather than an error.
    The warning message will indicate which data is invalid and why.

Note that there are still conditions where a request can pass validation, but fail when it reaches CPM, so you must handle such responses in an appropriate way too.

In addition, all such errors and warnings:

  • Are available as a report in Data Warehouse (errors only).

  • Generate alert emails that are sent to the email addresses that were configured when the system was deployed.

This data only becomes available in the report 60–90 minutes after the error occurs (and the email is sent).



See also

Open API Spec