JW Player provides a simplified approach to protecting your content with industry-standard Digital Rights Management (DRM). By enabling DRM on a property from your JW Player dashboard, the complex aspects of DRM management are managed by JW Player on your behalf:

  • Several configured DRM policies
  • DRM license generation and management for Widevine, PlayReady, and Fairplay DRM solutions
  • License delivery services for content playback on any device

With JW Player managing the technical aspects of DRM, you can focus on the design and implementation of engaging content experiences.

🔑

If you have not enabled Studio DRM with JW Platform or for a live stream integration, you can use Studio DRM Standalone with your current streaming and hosting solution.



Compatibility


Desktop

The two most recent stable versions of the following listed browsers are supported.

HTML5 Browsers FairPlay PlayReady Widevine
Chrome
✓
Firefox
✓
Internet Explorer 11
(Windows 8.1+)
✓
Microsoft Edge
(Windows 10+)
✓
✓
Opera
✓
Safari
✓

Mobile Phones and Tablets

Browsers & Phones FairPlay PlayReady Widevine
Android 5+
(native)
✓
Chrome (Android)
3 most recent stable versions
✓
iOS/iPadOS 12+
(native)
✓
Safari (iOS)
2 most recent stable versions
✓
Windows Phone
✓

OTT

Device FairPlay PlayReady Widevine
Android TV
✓
✓
Apple TV 12.0+
✓
Chromecast
✓
✓
Fire TV 6.0+
✓
✓
Roku
2 most recent versions
✓
✓
Samsung Tizen
(Models 2017+)
✓
✓
Smart TV Alliance (webOS 6.0+)
LG, Panasonic, Philips, Toshiba
✓
✓


Requirements


Acquire Apple FairPlay credentials

If you want to use the Apple FairPlay DRM, you must get a FairPlay Streaming Deployment package from Apple and upload the credentials to each DRM-enabled property in your JW dashboard.

📘

You can use the same FairPlay Deployment package on all your properties, but you must upload the package to each property, explicitly.


You must have the FairPlay credentials listed in the following table.

CredentialNotes
Encoded *.p12 keystore fileThe *.p12 keystore file must contain your FPS Deployment certificate and private key. This file must be password-protected (be sure to password-protect the whole file, NOT just the private key)
ASKApp secret key

To create the .p12 keystore file in OpenSSL, use the following commands:

$ openssl pkcs12 -export -out NAME.p12 -inkey PRIVATE_KEY.pem -in CERT.pem -passout pass:PASSWORD


High-Level Workflow Overview

The following high-level workflow illustrates how to request and play DRM content.

1509

High-Level Workflow Explained

  1. Create a new property in your JW Player account and enable Studio DRM on the property. Four predefined DRM policies (see the section later in this guide) are created in the property, and content URL signing is automatically enabled on the property.
  2. Upload content to the new Studio DRM-enabled property.
  3. The content is transcoded, and a unique mediaID and other metadata are created as with any media uploaded to JW Platform.
  4. Your application makes a signed API request to the JW Delivery API to get a single-item playlist that contains Studio DRM media URLs and license acquisition URLs (LA_URL) for a media ID.

    NOTE: All DRM API requests must use HTTPS. DRM is not supported over HTTP connections.
  5. Pass the media URL and LA_URL (plus certificate URL if using FairPlay) to your player configuration.

    NOTE: If you are using a JW Player HTML5 player in your application, the whole response can be passed directly to the player's setup configuration. For other players, consult the player's DRM configuration documentation.

  6. When playback is initiated, the player sends an encrypted DRM license request to the JW Delivery API.
  7. The JW Delivery API returns the DRM license to the player.
  8. If the device satisfies the policy restrictions in the license, playback begins. If the device does not satisfy the restrictions, the player reports an error.