We offer customization solutions and support ([email protected]) | Visit us on bitbyte3 for complete VOD solutions with apps.
NixStream
Guides

Integrations

Edge media delivery, Vimeo, Google Drive, and Dropbox OAuth import

NixStream connects to external services for media import and local playback delivery. Configure integrations in Settings > Integrations.

Edge (local media delivery)

Edge (nixstream-edge) serves VOD HLS/DASH, images, thumbnail VTT, and live HLS through signed URLs. Local storage requires Edge to be connected before playback works.

Docker installs auto-start Edge, share Redis and EDGE_SIGNING_SECRET, and mark the integration connected. Manual installs set Edge base URL and run Test connection.

Edge settings

Set the public Edge base URL (what the player hits, e.g. https://edge.your-domain.com). Optional Require user or share-link auth binds sessions to logged-in users or share links for instant revocation (off by default). Max concurrent devices caps simultaneous playback per user when auth is on (0 means unlimited).

Off (default): Playback URLs are bearer tokens. Anyone with the link can play until the session TTL expires. Works when you rely on URL obscurity, short TTLs, or upstream access control.

On: Each minted session is tied to identity:

  • Authenticated users get user_id + epoch counter
  • Share/embed visitors get link_id + epoch counter (no login required)

Revoking access is immediate: password change, user ban, or account deletion increments the user's epoch and invalidates all their sessions. Share links use the same epoch pattern per link.

When enabled, configure Max concurrent devices to enforce a Netflix-style device cap. The oldest active session is dropped when a user exceeds the limit and starts a new playback.

See Security, Playback authorization for the full model.

EDGE_BASE_URL=https://edge.your-domain.com
EDGE_SIGNING_SECRET=your_shared_secret
EDGE_SESSION_TTL_VOD=7200
EDGE_SESSION_TTL_LIVE=21600

Tenant-specific Edge URL and auth settings are stored in the database (Settings model), not only in .env. See Environment Variables.


OAuth import

NixStream supports importing media from external platforms via OAuth. Imported files follow the same encoding pipeline as direct uploads.

IntegrationImport sourceAuth type
VimeoYour Vimeo videosOAuth 2.0
Google DriveDrive files (video)OAuth 2.0
DropboxDropbox files (video)OAuth 2.0

Connect each integration once per admin account. After authorization, browse remote files and import selected videos into a NixStream collection.

Vimeo

  1. Create a Vimeo app at developer.vimeo.com
  2. Set redirect URI: {APP_URL}/api/auth/vimeo/callback
  3. Add credentials to .env:
VIMEO_CLIENT_ID=your_client_id
VIMEO_CLIENT_SECRET=your_client_secret
VIMEO_REDIRECT_URI="${APP_URL}/api/auth/vimeo/callback"
  1. Connect in Settings > Integrations > Vimeo
  2. Browse and import videos from your Vimeo account

Vimeo scopes

Request scopes for video list and download. The exact scopes depend on your Vimeo app tier. Test with a single short video before bulk import.

Google Drive

  1. Create OAuth credentials in Google Cloud Console
  2. Set redirect URI: {APP_URL}/api/auth/google/callback
  3. Configure .env:
GOOGLE_CLIENT_ID=your_client_id
GOOGLE_CLIENT_SECRET=your_client_secret
GOOGLE_REDIRECT_URI="${APP_URL}/api/auth/google/callback"
  1. Connect in Settings > Integrations > Google Drive
  2. Browse and import video files from Drive

Configure the OAuth consent screen with your app name and authorized domains. Add your-domain.com to authorized domains for production.

Dropbox

  1. Create a Dropbox app at dropbox.com/developers
  2. Set redirect URI: {APP_URL}/api/auth/dropbox/callback
  3. Configure .env:
DROPBOX_CLIENT_ID=your_client_id
DROPBOX_CLIENT_SECRET=your_client_secret
DROPBOX_REDIRECT_URI="${APP_URL}/api/auth/dropbox/callback"
  1. Connect in Settings > Integrations > Dropbox
  2. Browse and import files

OAuth redirect URIs

OAuth redirect URIs must match APP_URL exactly. Use HTTPS in production.

Common mistakes: redirect mismatch (no trailing slash on APP_URL, match the provider console exactly), HTTP callbacks in production (use HTTPS), wrong port (include :8080 in APP_URL when you are not on 443).

After changing APP_URL, update all three *_REDIRECT_URI values and restart the app.

Import workflow

  1. Connect the integration (one-time OAuth)
  2. Open Videos > Import
  3. Select provider and remote file
  4. Choose target collection
  5. Confirm import

The file downloads to NixStream storage and enters the encoding queue. Status matches direct uploads: pending, processing, completed.

Token refresh

OAuth tokens refresh on their own when the provider allows it. If an integration disconnects, reconnect from Settings > Integrations.

Rate limits

External APIs impose rate limits (especially Vimeo). Large bulk imports may need to run in batches. Monitor queue logs during heavy import sessions.

Security notes

  • Store client secrets only in .env, never in the frontend
  • Revoke OAuth access from the provider console if you decommission an install
  • Imported files are copied to your storage; deleting the source on Vimeo/Drive does not remove NixStream copies

Import flow matches VOD Uploads. OAuth env vars: Environment Variables. HTTPS for callbacks: SSL / HTTPS.

On this page