Caution
All movies are exposed UNAUTHENTICATED from DeoVRDeeplink/json/videoID/response.json
A plugin for Jellyfin that enables secure, expiring, signed video stream URLs for use with DeoVR and other clients needing quick access to individual media files without exposing your Jellyfin credentials.
- UI Changes: adds a Play in DeoVR button
- Secure signed links: Temporary, HMAC-signed links for proxying video streams.
- Expiry enforcement: Links are only valid for a twice the film length.
- Chunked proxy streaming: Efficient forwarding without direct Jellyfin API exposure.
- DeoVR-compatible JSON responses: Works seamlessly with DeoVR.
- Jellyfin Media Server with a valid https certificate
- .NET 8.0 SDK or later (for building)
- DeoVR for testing client integration (optional)
- Add the manifest
https://raw.githubusercontent.com/toastyice/DeoVRDeeplink/master/manifest.json
as a Jellyfin plugin repository to your server. - Install the plugin
DeoVRDeeplink
from the repository. - Restart the Jellyfin server.
- In the Jellyfin dashboard, configure:
- Proxy Secret: (A strong random string used for signing proxy URLs).
- Fallback Projection Type: (Force a projection type if the film's metadata does not indicate the mode.).
- Fallback Stereo Mode: (Force a stereo mode if the film's metadata doesn't indicate it).
- IP Restriction: (Configure IP restrictions for the json and proxy endpoints).
- DeoVR Integration:
Click the Open in DeoVR button
- Streams are protected with expiring, HMAC-signed tokens.
- Links cannot be forged or reused after expiry.
- Secret is never sent to the client.
- The expiry time is twice the length of the film.
- Optional IP restrictions
- endpoints:
/DeoVRDeeplink/ClientScript
/DeoVRDeeplink/Icon
/DeoVRDeeplink/json/<MovieUUID>/response.json
/DeoVRDeeplink/proxy/<MovieUUID>/<Expiry>/<Signature>/stream.mp4
- Fork and clone this repository.
- Build with your preferred .NET IDE or
dotnet
CLI. - Contributions and PRs welcome!
This is most likely related to wrong permissions for the index.html
file.
If you're running jellyfin in a docker container, you can change the ownership with thie following command (replace jellyfin with your containername, user and group with the user and group of your container):
docker exec -it --user root jellyfin chown user:group /jellyfin/jellyfin-web/index.html && docker restart jellyfin
You can run this as a cron job on system startup.
(Thanks to muisje for helping with this solution)
- Navigate to:
C:\Program Files\Jellyfin\Server\jellyfin-web\
- Right-click on
index.html
→Properties
→Security tab
→ Click onEdit
- Select your user from the list and check the Write
permission
box. - Restart both the server and client.
(Thanks to xeuc for this solution)
If this does not work, please follow the discussion in this (or this) issue.
Make sure that your Jellyfin server is configured to use HTTPS and that it has a valid certificate. If you are using a reverse proxy, check that everything is set up correctly.
If you encounter any error which you can't solve yourself, feel free to open up an issue.
Please keep in mind that any system is different which can lead to unexpected behaviour, so add as much information about it as possible.
Jellyfin logs and console logs from the browser (prefixed as [InPlayerEpisodePreview]) are always useful.
- This plugin was inspired by a lack of a proper VR player that supports Jellyfin
- Jellyfin Media Server
- DeoVR
- InPlayerEpisodePreview (Heavily inspired the way the UI is edited)
Happy streaming!