Notification

DAI is available to Google Ad Manager 360 publishers and partners with an advanced contract who meet the requirements. Contact your account manager for more information.

Authenticate DAI video stream requests

Learn how to create authentication keys in Ad Manager

Dynamic ad insertion (DAI) authentication keys are used to prove that video stream requests are coming from you. They provide better security during ad serving. A key is an unbroken string of 64 characters and numbers. Some older keys may be 25 characters or numbers.

Example

0L94DEA6C87B0F3D2407018ACF88ECDE77DK38AD1DX01957311A50E9D1O3F15B

Static API keys: API keys take precedence over HMAC when both are included. API keys are less secure than HMAC keys. Use of HMAC keys is therefore recommended.

HMAC: HMAC-based token authentication provides more security than static API keys. HMAC tokens use a secret key and limited duration to ensure the token cannot be easily shared across users or sessions.

Tip: Before authenticating stream requests, ensure you have the following:

  • DAI authentication key with the type HMAC
  • Livestream configured for DAI

Add a new HMAC DAI authentication key

Generate and add a new HMAC type DAI authentication key:

  1. Sign in to Google Ad Manager.
  2. Click Admin, then Video and audio.
  3. Select “DAI authentication keys”.
  4. Click New DAI authentication key.
  5. Enter the name of the new key. Select the Type "HMAC."
  6. Click Save.

This key is linked in your livestream when you enable authentication.

Enable authentication for requests to DAI APIs

Link your HMAC key to your stream:

  1. Sign in to Google Ad Manager.
  2. Click Video, then Live streams.
  3. Select your livestream from the list, or click New livestream. Learn more about creating a new livestream.
  4. Under General settings,
    1. Select “Enabled” for “Pod resource authentication keys” for authenticating ad pod requests and/or
    2. Select "Enabled" for "Stream to create authentication keys" for authenticating stream session requests
  5. Select the HMAC key you created.
  6. Click Save.

To view and copy your key, return to the details page. Once you create an active DAI authentication key, you can use it immediately. Embed the key on the client video app, where you make DAI stream requests.

Tip: A best practice includes generating separate DAI authentication keys for each of your client platforms (for example, iOS, Android, and Web).

Keys are automatically set to "Active" upon save. Only correctly implemented "Active" keyscan validate requests.

Requests using deactivated keys are denied. Only deactivate a key if it becomes compromised or should not be used.

Deactivate an existing authentication key

With the following steps you can deactivate an authentication key:

  1. Sign in to Google Ad Manager.
  2. Click Admin, Video and audio, then "DAI authentication keys."
  3. From the list, select the key you want to deactivate.
  4. Select the Status "Inactive."
  5. Click Save.

Implement an authentication key

HMAC keys

Learn how to implement HMAC authentication.

API keys

Use the IMA SDK to set the apiKey property on the IMAStreamRequest object. See the iOS, Android, Chromecast, or tvOS developer documentation for more information.

For server-side beaconing (SSB), use the api-key query parameter:

curl "https://dai.google.com/ondemand/hls/content/CMS_ID/vid/VIDEO_ID/master.m3u8?api-key=<api-authentication-key>"

For any issues related to DAI troubleshooting or outages, contact publisher support.

Was this helpful?

How can we improve it?

Need more help?

Try these next steps:

Post to the help community Get answers from community members
Contact us Tell us more and we’ll help you get there
true
Unlock your revenue with personalized tips today!

Visit the Optimization tips for Google Ad Manager page to see personalized suggestions to maximize your revenue.

Unlock now

Search
Clear search
Close search
Main menu
10359551798920155252
true
Search Help Center
false
true
true
true
true
true
148
false
false
false
false
false