- What is this feature?
- Token Based Media Access provides a more secure way to access media files exchanged between your users.
- With our new Token Based Media Access feature, each user receives a unique media URL.
- So when you deactivate a user, their URL stops working and the media can no longer be accessed.
- How do I get this feature?
- Just click https://www.cometchat.com/eap-signup to sign up!
- How does this feature work?
- CometChat will generate a special access token for each media/file attachment per message receiver. So, anyone who receives an attachment, gets a token for that attachment. This is available whether files are sent in groups or one on one conversations.
- The token ensures that the receiver is valid and active before allowing them to access the attachment.
- If the receiver is deactivated, they will no longer be able to access the attachment. But, any receivers who received the same attachment (say in a group) will still be able to view the media with their own unique, token based url. Active users maintain access - but files are secure from anyone who is not an active user.
- Can I restrict users from directly accessing the tokenized media files by forcing them to login to my platform?
- Yes, you can. To achieve this, you will have to modify your client-side code to prepend every media URL with your server's URL.
- Which implementation methods support this feature?
- This feature is available for all implementation methods (Chat Widgets, UI Kits, SDKs, APIs).
- How can I implement this feature?
- You need to follow a few steps to implement this feature:
- Signup for our Token Based Media Access EAP here.
- Once you sign up, we'll make a quick change in the backend and let you know you're ready to go.
- NOTE: If you are using Webhooks, then you will need to send the API Key to the URL received in order to access a tokenized media URL.
- Is the attachment tied to the sending user or the receiving user?
- Receiving user in both user to user and group conversations.
- Please note that your previously shared media will not be tokenized and will continue to work as-is.
FAQs on our Current EAPs
Token Based Media Access
Author:
Hilary Wainwright
- Updated:
<% var getColumnClasses = function(columnNumber) {
var classNames = numberColumns === 'auto' ? 'col-auto' : 'col-12';
if (numberColumns >= 2) classNames += ' md:col-6';
if (numberColumns >= 3) classNames += ' lg:col-4';
if (numberColumns >= 4) classNames += ' xl:col-3';
return classNames;
} %>
Community
