The Neovid built-in web server can process HLS stream data generated by the Playout module. HLS streams are published separately from the admin UI and REST API, so firewalls can be configured to allow access exclusively to streaming ports from public networks:

• HTTP access on port 7904
• HTTPS access on port 7944.

To get started, you need to configure file upload and then perform stream publishing.

Built-in HLS streaming is activated by selecting Neovid as the upload method in the Playout module configuration: Administrator Control Panel→Manage→Video IO Boards→Playout_N→HLS Parameters→Upload METHOD=Neovid. Enabling this option will direct HLS data output to the /run/buffer/xxxxx subfolder, where xxxx is an automatically generated unique identifier.

Through the Administrator Control Panel→Status→Playout_N→HLS Publishing menu, the operator can publish each HLS stream under a different unique key, which will create URLs like: http://IP_ADDR:7904/stream/unique_key/stream.m3u8.

Each URL can be activated separately without restarting the playback. Different recipients can be given their own URL, thus managing their access in a flexible way.

Parameter	Description
Publish	Opens a dialogue box for publishing an HLS stream SubPath - The path to the stream, including a unique user-defined key. Allowed group list - the user group list from the Storage module that will have access to this stream after being authorised. If the value is not set, access is performed without authorisation. Muted - setting this flag allows you to suspend publishing for the given URL while preserving the settings. For example, if you want to temporarily restrict access.
Unpublish	Deletes the selected URL from the publish list.
Mute
Unmute
Allowed Groups	Opens a window to edit the groups of users who have access to the HLS stream for the selected URL.{\
Show Urls	Opens a preview of the actual URLs with the current IP addresses of the server.
Close	Closes the stream publishing control window.

If a published stream is set to “Allowed group list”, then authorisation based on function API Keys is used to access such a stream. The key is passed in HTTP headers using the Cookie, where:

• API-Key-Cookie is the name of the cookie being passed.
• value - must contain a user's Api Key.

The server checks the passed Api Key value with the local key database on the server, obtains the groups associated with the user and checks against the groups specified by the Allowed group list option. If a match is found, the user is allowed access to the stream.

If the value in the “Allowed group list” parameter is not specified, then the Everyone group (a system group including all users) is used and access is granted without authorisation.