AMWA IS-10 NMOS Authorization Specification
About IS-10
What does it do?
- Allows an API server to accept or reject requests depending on what a client is authorized to do
Why does it matter?
- Security in the control plane is essential
- Best practice is to limit what clients can do
How does it work?
- Control client provides credentials and gets an access token
- Sends token with API requests
- Based on JSON Web Tokens and OAuth 2.0
- Encryption is a prerequisite (see BCP-003-01)
IS-10 has been developed by the Advanced Media Workflow Association as part of the Networked Media Open Specifications initiative. See here for an overview of NMOS specifications.
The NMOS Testing Tool creates a simple web service for testing implementations of all NMOS APIs.
The links to documentation, API and examples below, and for SPEC links in the page menu bar are for this release or branch: releases/v1.0.0. Links to other published releases and other live branches appear later in the page, or in the VERSIONS menu.
Documentation for release v1.0.0
APIs for release v1.0.0
JSON Schemas for release v1.0.0
Examples for release v1.0.0
Published Releases
Live Branches
The formal specification is provided in this GitHub repository. These pages render the documentation and APIs (which are specified in RAML and JSON Schema).
Repository | Default Branch | Lint (default) | Render (all) |
---|---|---|---|
is-10 | v1.0.x |