When obtaining a stream URL from Angelcam API you might notice that the stream URL comes with a token. For instance, in the case of an HLS stream, the URL might look like this: http://m1.angelcam.com/stream/81/playlist.m3u8?token=xyz
For MJPEG and Fragmented MP4 streams, the token is validated only when the client connects to the stream. Therefore, as long as you stay connected to the stream, it won't expire. After disconnection, you need to query the API endpoint first and use a new stream URL.
For HLS streams, the token is validated continuously and your client implementation shouldn't rely on a certain expiration time. When the token expires, the Angelcam streaming server returns a permanent redirect 301 on a new valid URL. Your client implementation needs to be able to handle these redirects.
Most of the HTTP clients handle redirects automatically and you don't even have to deal with it. Unfortunately, media players sometimes use more simple HTTP clients which treat permanent redirects 301 as temporary redirects 302 and this might be the cause of your problem: these clients keep using the original URL (with the old token) and simply follow the redirect on every request. And once the original link expires, the client receives HTTP 401 response from Angelcam streaming server, and the playback ends.
😇 We are here to help
Just say hello@angelcam.com or check out Angelcam Community to connect with other users sharing their own experiences and insight into various security topics.