Blue Billywig does not have a built-in login or payment module. However, it is possible to gate video content (whether behind a login wall or a pay-per-view flow) by combining Content Protection Policies (token type) with your own authentication or payment system.
1.0 | How it works
The mechanism is the same for both login and payment use cases:
- A Content Protection Policy with a token rule is applied to the clip or channel. Without a valid token, the player blocks playback.
- When playback is blocked, the BB player fires a
contentblockedevent on the player element. - Your page listens for that event and shows a login prompt or payment button to the visitor.
- After the visitor logs in or completes payment, your backend generates a signed JWT token and reloads the player with the token appended to the embed URL (
?jwt=...). - The player validates the token and starts playback.
The token is temporary; you configure how long it remains valid.
2.0 | Live Demo
A visitor lands on a page with a protected video. Because they are not logged in, no token is present and the player fires contentblocked. The page catches the event and shows a login or registration prompt. After a successful login, your backend generates a JWT token and the page reloads the player with that token.
The contentblocked event fires during player initialisation, not on user interaction. Register the listener at the document level in a synchronous script that runs before the player script, so it is ready in time. To avoid showing the popup before the visitor clicks, use a flag combined with a click handler on the player element.
// Place this in a synchronous <script> before the BB player embed script
var _bbBlocked = false;
document.addEventListener("contentblocked", function () {
_bbBlocked = true;
});
document.querySelector(".player-wrapper").addEventListener("click", function () {
if (_bbBlocked) showLoginModal();
});Live demo:
3.0 | What Blue Billywig provides
- Content Protection Policy (token type) configured in Publication Settings. Learn more about Content Protection Policies.
- JWT and TOTP token validation on every play request. Learn more about Content Protection: Token Authentication.
- The
contentblockedevent, including areasonfield (Geo,Domain,IpAddress,Subscription,SharedSecret,BadRequest).
4.0 | What you need to build
- A backend endpoint that generates a signed JWT token after a successful login or payment.
- A payment or authentication flow integrated into your website.
- A page that listens to
contentblockedand shows the appropriate prompt. - A redirect or player reinitialisation with the generated token appended to the embed URL.