Retrieve DRM Policy

The Retrieve DRM Policy endpoint returns the current access control rules (DRM policy) for a container.

Use this endpoint to inspect who can access a container and what restrictions are currently enforced.

Endpoint

GET /users/{user_id}/containers/{container_id}/drm

Base URL:

https://share.locktera.com/api/v1

Full request URL example:

https://share.locktera.com/api/v1/users/USER_ID/containers/CONTAINER_ID/drm

Authentication

All requests must include a valid API key in the Authorization header.

Example request:

curl -X GET $BASE_URL/users/YOUR_USER_ID/containers/CONTAINER_ID/drm \
  -H "Authorization: Bearer YOUR_API_KEY"

Authentication and authorization are verified before DRM policy information is returned.

Path Parameters

container_id
Required. Unique identifier of the container whose DRM policy is returned.

Example:

123e4567-e89b-12d3-a456-426614174000

Example Success Response

{
  "dynamic": true,
  "downloadable": false,
  "recipients": [
    "authorized.user@company.com"
  ],
  "time": {
    "start": "2026-01-01T00:00:00Z",
    "end": "2026-02-01T00:00:00Z"
  },
  "ip": {
    "allow": [
      "198.51.100.10"
    ]
  },
  "geo": {
    "block": [
      { "country": "CN" },
      { "country": "RU" }
    ]
  }
}

This response represents the current access rules enforced for the container.

Response Fields

dynamic
Whether the DRM policy can be updated after container creation.

downloadable
Whether content can be downloaded.

recipients
List of allowed recipient emails.

time
Optional access window. Requests outside this window are denied.

ip
Optional IP allow-list. Requests from other IPs are denied.

geo
Optional geographic restrictions.

Example Error Responses

HTTP 404 Not Found

{
  "error": "not_found",
  "message": "Container not found"
}

HTTP 401 Unauthorized

{
  "error": "unauthorized",
  "message": "Invalid API key"
}

HTTP 403 Forbidden

{
  "error": "access_denied",
  "message": "You do not have permission to view DRM policy for this container"
}

Important Notes

• This endpoint returns the currently enforced policy for the container
• DRM rules are evaluated on every access attempt
• If dynamic is false, policies cannot be modified after container creation
• Use Update DRM Policy to modify rules when dynamic DRM is enabled

DRM policies are cryptographically associated with the container and enforced independently of storage location.

Update DRM Policy

PATCH /users/{user_id}/containers/{container_id}/drm

Decode Container

GET /users/{user_id}/containers/{container_id}/decode

Retrieve Audit Events

GET /users/{user_id}/containers/{container_id}/audit