Update DRM Policy

The Update DRM Policy endpoint modifies the access control rules for an existing container.

This endpoint can only be used if the container was created with:

{
  "dynamic": true
}

If dynamic was set to false during encoding, DRM policies cannot be modified.

Endpoint

PATCH /users/{user_id}/containers/{container_id}/drm

Base URL:

https://share.locktera.com/api/v1

Full request URL example:

https://share.locktera.com/api/v1/users/USER_ID/containers/CONTAINER_ID/drm

Authentication

All requests must include a valid API key.

Example request:

curl -X PATCH $BASE_URL/users/YOUR_USER_ID/containers/CONTAINER_ID/drm \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
        "downloadable": false,
        "recipients": ["new.user@company.com"]
      }'

Authentication and authorization are verified before DRM policies can be modified.

Path Parameters

container_id
Required. The unique identifier of the container.

Example:

123e4567-e89b-12d3-a456-426614174000

Request Body

You may update one or more DRM fields.

Common fields:

downloadable (boolean)
Allow or prevent downloading of contents.

recipients (array of strings)
List of allowed recipient email addresses.

time (object)
Restrict access to a time window.

ip (object)
Restrict access by IP address.

geo (object)
Restrict access by geographic location.

Example Request Body

{
  "downloadable": false,
  "recipients": [
    "security.team@company.com"
  ],
  "time": {
    "start": "2026-03-01T00:00:00Z",
    "end": "2026-04-01T00:00:00Z"
  },
  "ip": {
    "allow": ["203.0.113.10"]
  }
}

Only the fields provided in the request are updated. All other DRM policy fields remain unchanged.

Example Success Response

201 Created

The updated policy is immediately enforced on all future access attempts.

Example Error Responses

HTTP 404 Not Found

{
  "error": "not_found",
  "message": "Container not found"
}

HTTP 409 Conflict (Dynamic DRM not enabled)

{
  "error": "drm_locked",
  "message": "DRM policy cannot be modified for this container"
}

HTTP 401 Unauthorized

{
  "error": "unauthorized",
  "message": "Invalid API key"
}

HTTP 403 Forbidden

{
  "error": "access_denied",
  "message": "You do not have permission to modify this container"
}

What Happens When DRM Is Updated

When DRM policies are updated:

• The new rules replace previous policies
• All future access attempts are evaluated against the updated policy
• An audit event is recorded
• Previously authorized users may lose access

DRM updates do not modify encrypted file contents.

Important Notes

• Only containers created with dynamic: true can be updated
• DRM updates take effect immediately
• Existing audit logs are not modified
• Policy updates are recorded in audit logs

Updated DRM policies are cryptographically associated with the container and enforced on all future access attempts.

Retrieve DRM Policy

GET /users/{user_id}/containers/{container_id}/drm

Retrieve Audit Events

GET /users/{user_id}/containers/{container_id}/events

Decode Container

GET /users/{user_id}/containers/{container_id}/decode