Content Licensing

Appearance

Resources

Frequently asked questions

Tagged by topic so you can spot which path each answer applies to.

ConceptWhat is a channel?
A channel is a container of videolessons. You pass its id (from the catalog) so Osteocom can track which product your customer purchased. Each channel has its own language, and its videos are set in that language.
ConceptChannel vs video?
A channel is a set of videolessons; a video is one item that belongs to a channel. When your customer buys the channel, they're authorized to access the entire set of videos in it.
ConceptProduct vs channel?
They're the same thing. When Osteocom asks for a productId, it always means the channel's idChannel.
APIWhat is the userAccessKey?
It's a unique identifier per customer, returned by the Content authorization call. It stays the same for the same customer across purchases — if the input contains an existing identifier, Osteocom reuses the user rather than creating a new one. Call Content authorization on every purchase so Osteocom records the data and creates the activation; the customer can then access the content through the Video access call.
APIHow long do tokens last?
The video token (tokenAuthVideo) lasts 15 minutes from generation. A video already playing keeps playing after expiry, but a page refresh needs a fresh token. The login bearer token is longer-lived — regenerate it as needed.
APIDoes Osteocom store payment data?
No. Osteocom does not store sensitive purchase data such as credit-card information. The APIs handle only metadata about the price and purchased product, used for tracking and activation.
IframeDo I need a backend for the iframe?
No. The integration is fully client-side: you only embed an HTML <iframe> tag. Osteocom hosts the storefront card and runs the checkout — no API or server-side code on your side.
IframeHow does Osteocom know who my user is?
Through the partnerUserId query parameter in the iframe URL. It must be a stable, unique identifier of the user in your system — the same user must always be passed with the same id, otherwise Osteocom cannot match their previous purchases.
IframeWhere does the customer pay?
On Osteocom. When the customer clicks "Buy" inside the iframe, the navigation leaves the iframe (the main tab moves to Osteocom — no new tab) and the customer completes payment on Osteocom's checkout. This is intentional: payment forms must never live inside a third-party iframe.
IframeWhere does the customer find the course after buying?
After logging in to Osteocom, the customer clicks My Courses in the top navigation and plays the course as if they had bought it directly on Osteocom.
IframeThe iframe is blocked by the browser. What happened?
Most likely the hosting domain isn't in Osteocom's whitelist. Browsers enforce a Content-Security-Policy: frame-ancestors directive and block embeds from non-listed origins. Send your exact origin (scheme included, no trailing slash, no path) to your Osteocom contact. See Reference.
IframeDo I receive a webhook when a purchase happens?
No. Purchase state is read live every time the iframe loads, using the partnerUserId — so the next time the customer revisits the page they see the "Already purchased" state. If you need a reporting view over all purchases, ask your Osteocom contact about read-only admin access.

Built with VitePress.

Copyright © 2026 Osteocom