Introduction
Backstage lets your customers log in through our API and gain access to user-specific features such as favourites, watch history, continue watching and more.
Identity Management System
Although Backstage offers you one unified API for users, in reality it uses third-party systems to store users and provide the login functionality.
The systems currently integrated are:
- Cleeng
- Okta
- MPP
Tokens
When you log in with the Backstage APIs you'll receive a JSON Web Token (JWT). This is a stateless token (meaning that Backstage has no knowledge of that token itself) containing the information from the third-party identity management system.
This token is signed and validated by Backstage, so when it's tampered with in any way the system will throw an error and not use the information inside the token.
While the token can be read publicly (it should never contain secret information), you should not use the information inside the token for anything. Backstage already provides the abstraction to work with it.
Just like any authentication token, it should be stored securely on the device.
When you've received a token from Backstage, you should send it in the Authorization header in the Bearer format:
Authorization: Bearer ...
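The two token properties described in this section (the payload is readable by anyone, but any edit breaks the signature) can be seen in the following added example. It is not Backstage code: the HS256 algorithm, the key, the claim names and the helper functions are assumptions made for illustration.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(claims: dict, key: bytes) -> str:
    """Server side: issue a compact HS256 JWT (the algorithm is an assumption)."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    mac = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url(mac)}"

def read_claims(token: str) -> dict:
    """Anyone holding the token can do this: no key is involved."""
    return json.loads(b64url_decode(token.split(".")[1]))

def verify(token: str, key: bytes) -> bool:
    """Server side: recompute the MAC over header.payload and compare."""
    try:
        header, payload, sig = token.split(".")
        if json.loads(b64url_decode(header)).get("alg") != "HS256":
            return False  # never let the token choose the algorithm
        expected = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        return hmac.compare_digest(expected, b64url_decode(sig))
    except (ValueError, AttributeError):
        return False  # malformed token: wrong part count, bad base64 or JSON

def tamper(token: str, **changes) -> str:
    """Edit the payload on the client while keeping the old signature."""
    header, _, sig = token.split(".")
    claims = {**read_claims(token), **changes}
    return f"{header}.{b64url(json.dumps(claims).encode())}.{sig}"

# Constructed sample values, not real Backstage claims or keys.
SERVER_KEY = b"constructed-demo-key"
TOKEN = sign({"sub": "user-123", "profile": "default"}, SERVER_KEY)
FORGED = tamper(TOKEN, sub="user-456")

if __name__ == "__main__":
    print("claims readable without key:", read_claims(TOKEN))
    print("original verifies:", verify(TOKEN, SERVER_KEY))
    print("edited token verifies:", verify(FORGED, SERVER_KEY))
    print("header to send:", {"Authorization": f"Bearer {TOKEN}"})
```

Because the payload is only base64url-encoded, the signature provides integrity and not confidentiality, which is why the token must still be stored securely and sent only over the Authorization header.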
Profiles
Next to the regular user object, the system also handles profiles. Profiles are the entity under which things like favourites & continue watching are stored, so people in a household don't have to search for their own stuff in the data.
When you log in you'll automatically receive a token with the default profile selected, so no need for multi-step logins. You can easily switch between them (after which you'll get a new token).