Copy Stream URL - playback in browser

[fakers123]

Hello!

I've have fresh jellyfin 10.8.10 install on Ubuntu 22.04 server. And I've uploaded a video to the server for testing purposes.

Is there a way to get the "Copy Stream URL" to create a suitable URL link to play the video in browser publicly with no account?

Are there any solutions to this where you don't need to use third party apps VLC etc.. ?

Any help would be appreciated!

[bitmap]

The web client doesn't require a third-party app, but I'm guessing that's not what you're asking?

You can get the link you're talking about via API but the token and everything is required and I'm not sure about expiry on playback USER tokens. I haven't taken a deep dive into the Jellyfin API yet.

Don't do this. Read:

I would strongly recommend not sharing those URL's as the token is not a playback token but your users access token, you don't want that to leak.

[niels]

I would strongly recommend not sharing those URL's as the token is not a playback token but your users access token, you don't want that to leak.

[fakers123]

Yeah, the web client doesn't need a third party app.

Im looking for a possible solution for "Copy Stream URL" link is automatically turned into a download link. Is there any possible solutions to make or get the video link from the server, so it would function in internet browser, that automatically shows video and can be played?

And if possible, without an account on the server, but a public one.

[fakers123]

The web client doesn't require a third-party app, but I'm guessing that's not what you're asking?

[quote="niels" pid='3867' dateline='1694108032']
I would strongly recommend not sharing those URL's as the token is not a playback token but your users access token, you don't want that to leak.

Security is not a issue, it would be for an internal corporate network.

[bitmap]

I would strongly recommend not sharing those URL's as the token is not a playback token but your users access token, you don't want that to leak.

I was assuming that would be inferred...but you're 100% correct to state it explicitly. That's my bad for not saying the quiet part out loud. *Also for not realizing it was user token, not playback token. Edited previous post to reflect that it's a "bad" (read: terrible) idea. "Token" generally means DO NOT SHARE WITH OTHER PEOPLE.

[bitmap]

The web client doesn't require a third-party app, but I'm guessing that's not what you're asking?

[quote="niels" pid='3867' dateline='1694108032']
I would strongly recommend not sharing those URL's as the token is not a playback token but your users access token, you don't want that to leak.

Security is not a issue, it would be for an internal corporate network.

Why not run an "open" instance of Jellyfin internally and allow users to download from there (e.g., require VPN to access/authenticate)? Or have a service user? I still think the idea of providing a download link that includes a token is problematic. More info about the use case would be good to provide information about a solution.

[TheDreadPirate]

The web client doesn't require a third-party app, but I'm guessing that's not what you're asking?

[quote="niels" pid='3867' dateline='1694108032']
I would strongly recommend not sharing those URL's as the token is not a playback token but your users access token, you don't want that to leak.

Security is not a issue, it would be for an internal corporate network.

Why not run an "open" instance of Jellyfin internally and allow users to download from there (e.g., require VPN to access/authenticate)? Or have a service user? I still think the idea of providing a download link that includes a token is problematic. More info about the use case would be good to provide information about a solution.

He could also lock it down by not allowing remote connections and seeing the Internal network config to all his corporate subnets.  Could take that further and set the firewall to only allow incoming connections to port 8096 from trusted subnets.

[bitmap]

Tons of better ways to do this than "grab the URL"...