Authenticating your Google Dynamic Ad Insertion (DAI) requests protects your livestream events and provides the following advantages:
- Maximize concurrent sessions: DAI only registers a new session for authenticated stream creation requests, preventing unauthenticated requests from exhausting your ad impressions.
- Flexible configuration: Authentication is optional and configured at the livestream level. If you enable Hash-Based Message Authentication Code (HMAC) Stream create authentication keys in the Google Ad Manager UI, you must include an HMAC token with your requests. If this setting is disabled, authentication isn't required.
Prerequisites
Ensure you have the following information from the Google Ad Manager UI:
- A DAI authentication key with the type HMAC.
If you don't have one:
- Navigate to the Google Ad Manager UI, go to Admin > Video and audio.
- Select DAI authentication keys.
- Click New DAI authentication key.
- From the drop-down, select type HMAC and select Save.
- A livestream configured for DAI.
Enable authentication for requests to create DAI stream sessions
Google DAI supports the following authentication key types:
- Hash-based Message Authentication Code (HMAC): a cryptographic technique that uses a secret key and a hash function (SHA-256). To verify both the authenticity of the app developer and the integrity of the pod request data, we recommend using the HMAC authentication key.
- API Key: an alternative to HMAC. To implement this method, see the API Key configuration guide.
To generate an HMAC token and authenticate stream creation requests, see Authenticate stream session requests
To link your HMAC key to your stream, do the following:
- In the Google Ad Manager UI, navigate to Video > Live streams.
- Select your livestream from the list.
- Enable Stream create authentication keys.
- Select and add the HMAC Key you created in the prerequisites.
- Save your changes.
For more information see Set up a livestream for DAI.