Add allowed referer with bunny.net API

July 19, 2024
Tomasz Dzierżanowski

1. Introduction

In bunny.net video hosting you can limit list of possible domains that can host your video. You can do it within graphical interface but when you are managing multiple websites and multiple video libraries then much better is to run API calls.

In this tutorial I am going to show you how quickly add domain to the list of allowed referrers.

2. API structure

When you look into API call you can decide from which endpoint you want to control access. Right now there are 2 possibilities “Stream Video Library” and “Pull Zone”

These settings can be controlled via UI. In background regular API calls are sent to the bunny net servers so this is simply graphical wrapper over API.

2.1. Stream Video Library access

You need to know your video library id in order to use this call. You can get it by looking into URL address in web browser. Optionally you can list all video libraries via below query

				
					curl --location 'https://api.bunny.net/videolibrary' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5'

example response

				
					[
    {
        "Id": 489294,
        "Name": "free_courses",
        "VideoCount": 2,
        ...

2.1.1. Allowed Referer

Because you got ID, now you can limit access to video by pointing to exact domain.

				
					curl --location 'https://api.bunny.net/videolibrary/489294/addAllowedReferrer' \
--header 'Content-Type: application/json' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5' \
--data '{
    "Hostname": "toughcoding.net"
}'

To rollback run below

				
					curl --location 'https://api.bunny.net/videolibrary/489294/removeAllowedReferrer' \
--header 'Content-Type: application/json' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5' \
--data '{
    "Hostname": "toughcoding.net"
}'

2.1.2. Blocked Referer

If you want to allow all possible domains to access content but reject only few use below API

				
					curl --location 'https://api.bunny.net/videolibrary/489294/addBlockedReferrer' \
--header 'Content-Type: application/json' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5' \
--data '{
    "Hostname": "toughcoding.net"
}'

for rollback run below

				
					curl --location 'https://api.bunny.net/videolibrary/489294/removeBlockedReferrer' \
--header 'Content-Type: application/json' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5' \
--data '{
    "Hostname": "toughcoding.net"
}'

2.2. Pull zone referer

Behind every video library there is pull zone and storage, even if you do not create it explicitly. Therefore it brings additional layer to control on.

How to get Pull Zone ID ?

Call below API to get it

				
					curl --location 'https://api.bunny.net/videolibrary/489294' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5'

example response

				
					{
    "Id": 489294,
    "Name": "free_courses",
...
    "PullZoneId": 8743245,
    "StorageZoneId": 899655,

2.2.1. Allowed Referer

Similar situation to video library, just different URL.

				
					curl --location 'https://api.bunny.net/pullzone/8743245/addAllowedReferrer' \
--header 'Content-Type: application/json' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5' \
--data '{
    "Hostname": "pullzone.toughcoding.net"
}'

Now you can verify changes by getting information about pull zone

				
					curl --location 'https://api.bunny.net/pullzone/8743245' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5'

response

				
					{
    "Id": 8743245,
    "Name": "vz-28aoidja-n44",
...
    "AllowedReferrers": [
        "*.bunnycdn.com",
        "*.bunny.net",
        "pullzone.toughcoding.net"
    ],
    "BlockedReferrers": [],
    "BlockedIps": [],
    
...

To Rollback changes

				
					curl --location 'https://api.bunny.net/pullzone/8743245/removeAllowedReferrer' \
--header 'Content-Type: application/json' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5' \
--data '{
    "Hostname": "pullzone.toughcoding.net"
}'

2.2.2. Blocked Referer

In order to block do

				
					curl --location 'https://api.bunny.net/pullzone/8743245/addBlockedReferrer' \
--header 'Content-Type: application/json' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5' \
--data '{
    "Hostname": "toughcoding.net"
}'

to rollback

				
					curl --location 'https://api.bunny.net/pullzone/8743245/removeBlockedReferrer' \
--header 'Content-Type: application/json' \
--header 'AccessKey: 9e1f62a6-2d28-4646-b039-c3afbd0da3f5' \
--data '{
    "Hostname": "toughcoding.net"
}'

3. Summary

In this knowledge article you have learned how add/remove domain names to list of allowed/blocked referrers. This skill will help you control access to your video content.

Have a nice coding!

Help toughcoding

If this article help you somehow please share with your friends and consider saying me "Thank you". Small gesture for You but big for Us.

Say Thank You!

Enjoy Free Useful Amazing Content

Everything You Should Know Fields Storage And Retrieval In Elasticsearch

Table of Contents 1. Introduction Elasticsearch is document database. Documents can contain plain or nested fields. This fields have a

Don’t you know Hadoop Integration for Docker Elasticsearch?

Table of Contents 1. Introduction There are people who do backup and people who will do backup. Therefore in Elasticsearch