Skip to content

Closed Alpha

FluxPlay is currently in Closed Alpha. This documentation is a work in progress and may be incomplete or out of date. Features, UI, and APIs are subject to change without notice. For access inquiries, please contact [email protected].

SHARE LINKS

Create secure, expiring links to share any media item with anyone — inside or outside your network. Password protection, viewer limits, and IP restrictions give you full control.

Share Without an Account

Recipients do not need a FluxPlay account. They open the link in any browser and can stream or download immediately — subject to whatever restrictions you configured when creating the link.

Capabilities

Link Creation

Create a share link for any media item, album, or playlist from the detail page or the share dialog.

Password Protection

Optionally require a password to access the link. Passwords are stored as Argon2id hashes — never in plaintext.

Expiry Controls

Set an expiry date and time after which the link becomes invalid. Expired links return a clear 410 Gone response.

Viewer Limits

Cap the number of unique viewers. Once the limit is reached, new visitors see a link-expired page.

IP Restrictions

Restrict access to specific IP addresses or CIDR ranges. Useful for sharing within a corporate network.

Download Controls

Choose whether the shared link allows downloading the original file or only streaming playback.

Link Options

The share dialog exposes all options in a single form. Every field is optional — a link with no options set is a permanent, unlimited, public link. Add restrictions as needed.

Available options

  • Password — Argon2id hashed; never stored in plain text
  • Expiry — Date/time in UTC; returns 410 after expiry
  • Max views — Unique IP count or total hit count
  • IP allowlist — CIDR notation; comma-separated
  • Allow download — Toggle file download vs stream-only

Password Security

Share link passwords are hashed with Argon2id before storage. When a visitor submits a password, it is verified against the hash without ever reconstructing the original value. Failed password attempts are rate-limited per link per IP to prevent brute-force access.

Next Steps

Quick Connect

Instant guest access via QR or 8-digit code

Playlists

Share entire playlists with invite-based access