We are starting to use Stream Packaging and have some questions regarding token authentication that don't appear to be addressed in the documentation. Specifically,
- Does the token protect only the top level manifest (or does it protect all manifest and segments)?
- Can URL query string tokens be used (instead of cookies) for 1st-level manifest and segments for authorization?
- Once an event finishes (content becomes VoD), are the same tokens/cookies needed to access the VoD?
Any insight would be appreciated!