Concurrency Monitoring Tips & Tricks | Know What Metadata Your Policy Requires
What metadata do I need to pass when initializing a session?

There are 3 metadata attributes that you must pass in the session initialization calls that are required by design. The following 3 attributes are used to identify your application, the MVPD, and the unique user creating the session:

 

 

Field name

 

 

 

 

Example value 

 

 

 

 

Where to use it

 

 

 

 

Obtained from 

 

 

 

 

applicationID

 

 

 

 

75b4-431b-adb2-eb6b9e546013 

 

 

 

 

Authorization header

 

 

 

 

Zendesk ticket during integration 

 

 

 

 

Idp (MVPD name)

 

 

 

 

Spectrum 

 

 

 

 

URI path

 

 

 

 

Adobe Primetime Authentication from config endpoint when user selects the MVPD 

 

 

 

 

subject

 

 

 

 

12345 

 

 

 

 

URI path

 

 

 

 

Adobe Primetime Authentication upstreamUserID metadata after user login 

 

 

 

 

 

 

 

Additionally, your Concurrency Monitoring policy may require that you pass in other specific metadata in order to enforce concurrency. For example, you may wish to limit a user's ability to create sessions while outside of their home network, but allow them to create an unlimited number of sessions while at home. To solve for this, certain MVPDs, including Spectrum, support Home Based Authentication (HBA). MVPDs can send the metadata field "hba_status" to indicate whether or not someone is creating a session from within their home network.

 

  • hba_status=true (user is at home)
  • hba_status=false (user is not at home)

 

If your policy limits the number of sessions that can be created outside of a user's home network, passing hba_status=false on the session init call will trigger the enforcement of the policy. 

 

Down the road you may wish to add additional rules to your policy that rely on other metadata being passed. For this reason, it’s a best practice to have the application make a call to http://streams.adobeprimetime.com/v2/metadata before initializing a session. The call to /metadata will return an array of metadata fields required by your policy. For example:

 

[

  "hba_status"

]

 

Note:

  • Making the session init call without passing all of the required metadata will result in a 400 response
  • The Adobe Pass native Access Enablers retrieve upstreamUserID and other metadata (including hba_status) via the getMetadata() function, or via the /usermetadata endpoint when using the Clientless API. 
  • In the case of hba_status in particular, the value can change from true to false or vice versa after a user has already Authenticated. For this reason, you'll want retrieve the most up-to-date value after the Authorization call.

 

For more information about retrieving user metadata, please see the following documentation:

 

http://tve.helpdocsonline.com/user-metadata-v2