Source Media Locations

A source media file must be specified only for AddMedia and AddMediaBenchmark actions.

Media Sources can be specified in a number of ways:

  • As a valid URL (simple string).
  • As a more complex set of parameters such as several URLs, and audio and video stream mapping parameters.
  • Blank Frame insertion.
<?xml version="1.0"?>
    <userid><<id>></userid> <!-- required -->
    <userkey><<key>></userkey> <!-- required -->
    <action>AddMedia</action> <!-- required -->
    <source>[SourceFile1]</source> <!-- required -->
        <!-- Source params -->
        <!-- Blank Frames params -->
    <format> <!-- required -->
        <!-- Format params --> 
    "query": {
        "userid": "<<id>>", // required
        "userkey": "<<key>>", // required
        "action": "AddMedia",  // required
        "source": [ // required
                "url": "[SourceFile2]"
                // Source params
                // Blank Frames params
        "format": { // required
            // Format params

Supported source media locations.

Source Location

Request Format

HTTP(s) Server

• http(s)://[user[:password]@]hostname[:port]/[path]/[filename]

FTP / SFTP Server

FTP is likely to only work with servers that support passive mode and appropriate firewall settings. We strongly recommend SFTP instead of FTP.

• ftp://[user[:password]@]hostname[:port]/[path]/[filename][?passive=yes]
• sftp://[user[:password]@]hostname[:port]/[path]/[filename]

Amazon Web Services (S3)

• http(s)://[bucket][filename]
• http(s)://[AWS_KEY:[email protected]][bucket][filename]
• http(s)://[bucket][filename]?X-Amz-Algorithm=[Algorithm]&X-Amz-Credential=[Credential]&X-Amz-Date=[Date]&X-Amz-Expires=[Expires]&X-Amz-SignedHeaders=[Headers]&X-Amz-Signature=[Signature]
— Pre-signed S3 URL NOTE: URL must be signed for GET.
• http(s)://[bucket][filename]?assume_role=[AssumedRoleUser]
— Assume Role for the specified user.

Rackspace CloudFiles

• http(s)://[RS_USER:[email protected]][path]/[filename]
• http(s):// — Virtual URL for Cloud Files. Sample below with authentication tomdashken.

Aspera Server

• fasp://[user[:password]@]hostname[:port]/[path]/[filename]

Microsoft Azure Blob

• http(s)://[access_key]@[account][container]/[path]
• http(s)://[account][container]/[path]?sig=[Signature]&se=[SignedExpiry]&sv=[SignedVersion]&sp=[SignedPermissions]&sr=[SignedResource]

OpenStack Cloud Storage

• http(s)://[user[:password]@]storage.[region][service-endpoint]/[container]/[object] — Oracle cloud storage:
• swift://[user[:password]@]hostname[:port]/v1/[tenant]/[container]/[object] – Swift tempauth(v1)
• swift://[user[:password]@]hostname[:port]/v2.0/[tenant]/[container]/[object] – Swift identity (v2)


• rtmp://[user[:password]@]hostname[:port]/[path]

S3 NetApp

• s3://[KEY[:SECRET]@]hostname[:PORT]/[path]

Pre-Signed Amazon AWS S3 URL query parameters




Signature algorithm.


Access Key and Scope


Signature date in format "yyyyMMddTHHmmssZ"


Expiration time in seconds


Headers list separated with ";" sign


Signature hash

Pre-Signed Microsoft Azure Blob URL query parameters




Signature hash


Signature expiration date in one of the ISO 8601 UTC formats


Signature service version


Permitted operations on the signed blob resource. Permissions may be combined.


Signed blob resource type



Adding ?passive=yes to the FTP URL forces transfer use Passive Mode for FTP.
The default is no, but this can be specified explicitly with ?passive=no.

Parameter ?disable-epsv in source URL disables extended passive mode.


For Amazon S3

  • If you don't specify an AWS key/secret, the object must have READ permission for AWS user
    1a85ad8fea02b4d948b962948f69972a72da6bed800a7e9ca7d0b43dc61d5869 (or for all users).
    See Amazon S3 ACL for details.

  • If you need your S3 files to be accessed with your own AWS credentials, add your AWS key/secret to the URL. If you use the Access key and Secret key, they must be distinctly URL encoded. For example, if your Key and the Secret are:


First, we must URL encode the Secret as it contains special characters: ':' , '/', and '+'. The URL encoded Secret is now:


You should NOT URL encode the colon between Key and Secret nor the '@' after them. So, the destination URL will be:
http://1ZG3YAKJ8W0VOA9L7WT6:lQT5MsQLirc8owb%3ASxX%2F9EhU4M%[email protected]/v/encoded/

Keep in mind the above URL encoding requirements are in addition to the full XML/JSON document urlencode when POSTing the request to our API.

  • Using specific S3 endpoints:
    To use specific endpoint replace ‘‘ in your S3 URL with one of the following:
















  • Do not forget to URL encode your AWS_SECRET per above.

  • See percent-encoding for more details on URLencoding.


For Aspera URL

To use private key authentication for Aspera you can include the SetHostKey parameter in your API request


For Microsoft Azure Blob

The access_key needs to be be url encoded, per the instructions in S3 above.


For Assume Role

Please use the following ARN arn:aws:iam::456240961796:root as a Principal in your Assume Role policy settings.
JSON policy: { "Sid": "__console_pub_0", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::456240961796:root" }, "Action": "sts:AssumeRole" }


For Assume Role

You can use ExternalID when accessing your S3 using AssumeRole.
To do that, please visit your account page in the UI. In the section "AWS Assume Role External ID" either generate a new External ID or copy an existing one, and then set up your AssumeRole policy so that it requires ExternalID.