For IVS you need a JWT token when playback authorization is enable for IVS. Looked to me like a simple JWT token creating, but regarding the docs of AWS IVS you need to use the ES384 algoritm; so I use that:
use Zenstruck\JWT\Token;
use Zenstruck\JWT\Signer\OpenSSL\ECDSA\ES384;
$privateKey = <<<EOD
-----BEGIN EC PRIVATE KEY-----
ABC=
-----END EC PRIVATE KEY-----
EOD;
// create the token
$token = new Token([
'aws:channel-arn' => 'arn:aws:ivs:eu-west-1:123456789:channel/ABCdefGHI',
'aws:access-control-allow-origin' => '*',
'exp' => time() + 86400,
]);
// sign the token
$token->sign(new ES384(), $privateKey);
$encodedTokenForUser = (string) $token;
This creates a token, but resulting in a error if you use it for the playback url:
"error": "crypto/ecdsa: verification error", "error_code": "invalid_playback_auth_token",
OpenSSL is enabled in PHP. What can be the issue seen as above? AWS docs are not very useful.