Protected scenes

Protected scenes allow you to take control of who can display them. Its main use case is for scenes behind paywall - when you do not want the scenes to be accessible by non-registered or non-paying visitors.

To display the protected scene you (site owner) need to obtain a special token and attach it to the scene's URL. The token is retrieved from the Kroscloud API using special secret key.

When end user opens the scene with valid token, the token is bind to its computer and is valid for 24H. If the user will share the link with someone else, the link will not work.

Protected scenes are available for Business accounts. You can mark the scene as Protected at Edit scene section, at Information menu.

How to implement protected scenes

1. Obtain API secret key from your Account setting page and store it somewhere in your backend logic. Keep it in secret. The key must be stored at your backend logic and MUST NOT be exposed to your frontend.

2. At your backend logic, before you display IFrame (or link) with the protected scene, call Kroscloud API at https://kroscloud.com/api/token?key={your secret key} to get a token.

Example backend implementation in ASP.NET MVC

3. Attach the returned token to the scene's URL at the token query parameter.

Example frontend implementation in ASP.NET MVC (View)

This flow needs to be executed every time you display a page with the protected scene. I.e. each time you display the scene, each time there will be a different token.

We are keen to help. If you will have any troubles with the implementation, do not hesitate to contact us.