Pen Settings



CSS Base

Vendor Prefixing

Add External Stylesheets/Pens

Any URL's added here will be added as <link>s in order, and before the CSS in the editor. If you link to another Pen, it will include the CSS from that Pen. If the preprocessor matches, it will attempt to combine them before processing.

+ add another resource


Babel includes JSX processing.

Add External Scripts/Pens

Any URL's added here will be added as <script>s in order, and run before the JavaScript in the editor. You can use the URL of any other Pen and it will include the JavaScript from that Pen.

+ add another resource


Add Packages

Search for and use JavaScript packages from npm here. By selecting a package, an import statement will be added to the top of the JavaScript editor for this package.


Save Automatically?

If active, Pens will autosave every 30 seconds after being saved once.

Auto-Updating Preview

If enabled, the preview panel updates automatically as you code. If disabled, use the "Run" button to update.

Format on Save

If enabled, your code will be formatted when you actively save your Pen. Note: your code becomes un-folded during formatting.

Editor Settings

Code Indentation

Want to change your Syntax Highlighting theme, Fonts and more?

Visit your global Editor Settings.


                <fieldset><legend>Create Policy Key</legend>

  <p>If you do not enter account information, a Brightcove sample account will be used.</p>

  <p>For more information on the options for policy keys, see the <a href="">Policy Key API Overview</a>.</p>
  <p>Account id: <input id="account_id" type="text" value="" placeholder="1752604059001" /></p>
  <p>Client id: <input id="client_id" type="text" size="60" value="" placeholder="c5d0a622-5479-46d8-8d8a-5f034b943fab" /></p>
  <p>Client secret: <input id="client_secret" type="text" size="60" value="" placeholder="w7NQYu0vUloM4GYYy2SXAxrvyFpt8fwI35qAFZcS13-VIgs0itwKNsAwHOS80sOWKJ1BUwHIvSFG2I" /></p>
    <p><input type="checkbox" id="search_enabled" checked> <label for="search_enabled">Search-enabled policy key?</label></p>
    <p><input type="checkbox" id="restrict_domains"> <label for="restrict_domains">Add domain restrictions?</label></p>
      Enter a comma-separated list of domains that are <strong>allowed</strong> (<code>,</code>)
        <input type="text" id="domain_list" size="60">
    <p><input type="checkbox" id="restrict_geo"> <label for="restrict_geo">Add geo restrictions?</label></p>
      Enter a comma-separated list of country abbreviations (<code>us,usmil,pr,gu,vi,as,mp</code>)
        <input type="text" id="country_list" size="60">
      <p><input type="checkbox" id="disallowed"> <label for="disallowed">Viewing <strong>not</strong> allowed from these countries</label> (if unchecked, viewing is allowed <strong>only</strong> in these countries)</p>
    <p><input type="checkbox" id="require_ssai"> <label for="require_ssai">Require SSAI</label> (if unchecked, viewing is allowed <strong>only</strong> in these countries)</p>
  <p><button class="bcls-button" id="generateKey" style="color:#eeeeee;font-weight:normal">Create the Policy Key</button></p>
  <h4>API request</h4>
  <pre class="line-numbers">
  <code id="apiRequest" class="language-http">This will be filled in dynamically</code></pre>
  <h4>Request body</h4>
  <pre class="line-numbers">
  <code id="requestBody" class="language-json">This will be filled in dynamically</code></pre>

  <h4>Policy Key</h4>
    <textarea name="policy_key" id="policy_key" cols="100" rows="3"></textarea>

  <h4>Full Response</h4>
  <pre class="line-numbers">
  <code id="apiResponse" class="language-json">This will be filled in dynamically</code></pre>


                /* * The body style is just for the
 * background color of the codepen.
 * Do not include in your code.
body {
  background-color: #111;
  color: #f5f5f5;
  font-family: sans-serif;
  margin: 2em;
 * Styles essential to the sample
 * are below
.bcls-code {
  color: #111;
  font-family: 'Source Code Pro',monospace;
  padding: 1em;
  width: 90%;
  min-height: 5em;
  background-color: #cfcfcf;
  font-size: 1rem;
.bcls-button {
  padding: .5em;
  background-color: #333;
  border: 1px yellow solid;
  border-radius: .5em;
  color: yellow;
  cursor: pointer;
fieldset {
  color: #64AAB2;
  border: 1px #64AAB2 solid;
  border-radius: .5em;

a {
  color: RGB(118, 174, 181);
code {
  color: #E4B842;
  font-family: 'Source Code Pro',monospace;


                var BCLS = (function() {
  var account_id = document.getElementById('account_id'),
    client_id = document.getElementById('client_id'),
    client_secret = document.getElementById('client_secret'),
    search_enabled = document.getElementById('search_enabled'),
    restrict_domains = document.getElementById('restrict_domains'),
    domain_list = document.getElementById('domain_list'),
    restrict_geo = document.getElementById('restrict_geo'),
    country_list = document.getElementById('country_list'),
    disallowed = document.getElementById('disallowed'),
    require_ssai = document.getElementById('require_ssai'),
    apiRequest = document.getElementById('apiRequest'),
    requestBody = document.getElementById('requestBody'),
    policy_key = document.getElementById('policy_key'),
    apiResponse = document.getElementById('apiResponse'),
    generateKey = document.getElementById('generateKey'),
    allButtons = document.getElementsByTagName('button'),
    // api urls
    proxyURL = '',
    baseURL = '',
    urlSuffix = '/policy_keys';

   * tests for all the ways a variable might be undefined or not have a value
   * @param {*} x the variable to test
   * @return {Boolean} true if variable is defined and has a value
  function isDefined(x) {
    if (x === '' || x === null || x === undefined) {
      return false;
    return true;

   * remove spaces from a string
   * @param {String} str string to process
   * @return {String} trimmed string
  function removeSpaces(str) {
    str= str.replace(/\s/g, '');
    return str;

   * disables all buttons so user can't submit new request until current one finishes
  function disableButtons() {
    var i,
      iMax = allButtons.length;
    for (i = 0; i < iMax; i++) {
      allButtons[i].setAttribute('disabled', 'disabled');

   * re-enables all buttons
  function enableButtons() {
    var i,
      iMax = allButtons.length;
    for (i = 0; i < iMax; i++) {

   * sets up the data for the API request
   * @param {String} id the id of the button that was clicked
  function setRequestData() {
    var options = {},
      body = {},
      callback = function(response) {
        response = JSON.parse(response);
        policy_key.value = response['key-string'];
        apiResponse.textContent = JSON.stringify(response, null, '  ');
    // disable buttons to prevent a new request before current one finishes
    options.url = baseURL + accountId + urlSuffix;
    options.requestType = 'POST';
    body['key-data'] = {};
    body['key-data']['account-id'] = accountId;
    if (search_enabled.checked) {
      body['key-data'].apis = ["search"];
    if (restrict_domains.checked && domain_list.value.length > 0) {
      body['key-data']['allowed-domains'] = removeSpaces(domain_list.value).split(',');
    if (restrict_geo.checked && country_list.value.length > 0) {
      body['account-id'] = accountId;
      body.geo = removeSpaces(country_list.value).split(',');
      if (disallowed.checked) {
        body.geo.exclude_countries = false;
      } else {
        body.geo.exclude_countries = true;
    if (require_ssai.checked) {
      body['key-data']['account-id'] = accountId;
      body['key-data']['require-ad-config'] = true;
    options.requestBody = JSON.stringify(body);
    if (isDefined(clientId) && isDefined(clientSecret)) {
      options.client_id = clientId;
      options.client_secret = clientSecret;
    options.proxyURL = proxyURL;
    apiRequest.textContent = options.url;
    requestBody.textContent = JSON.stringify(JSON.parse(options.requestBody), null, '  ');
    console.log('options', options);
    makeRequest(options, callback);

   * send API request to the proxy
   * @param  {Object} options for the request
   * @param  {String} options.url the full API request URL
   * @param  {String="GET","POST","PATCH","PUT","DELETE"} requestData [options.requestType="GET"] HTTP type for the request
   * @param  {String} options.proxyURL proxyURL to send the request to
   * @param  {String} options.client_id client id for the account (default is in the proxy)
   * @param  {String} options.client_secret client secret for the account (default is in the proxy)
   * @param  {JSON} [options.requestBody] Data to be sent in the request body in the form of a JSON string
   * @param  {Function} [callback] callback function that will process the response
  function makeRequest(options, callback) {
    var httpRequest = new XMLHttpRequest(),
      proxyURL = options.proxyURL,
      // response handler
      getResponse = function() {
        try {
          if (httpRequest.readyState === 4) {
            if (httpRequest.status >= 200 && httpRequest.status < 300) {
              response = httpRequest.responseText;
              console.log('response', response);
              // some API requests return '{null}' for empty responses - breaks JSON.parse
              if (response === '{null}') {
                response = null;
              // return the response
            } else {
              alert('There was a problem with the request. Request returned ' + httpRequest.status);
        } catch (e) {
          alert('Caught Exception: ' + e);
     * set up request data
     * the proxy used here takes the following request body:
     * JSON.stringify(options)
    // set response handler
    httpRequest.onreadystatechange = getResponse;
    // open the request'POST', proxyURL);
    // set headers if there is a set header line, remove it
    // open and send request

  function init() {
    // event handlers
    generateKey.addEventListener('click', function() {
      // get the inputs
      clientId = client_id.value;
      clientSecret = client_secret.value;

      // only use entered account id if client id and secret are entered also
      if (isDefined(clientId) && isDefined(clientSecret)) {
        if (isDefined(account_id.value)) {
          accountId = account_id.value;
        } else {
          window.alert('To use your own account, you must specify an account id, and client id, and a client secret - since at least one of these is missing, a sample account will be used');
          clientId = '';
          clientSecret = '';
          accountId = '1752604059001';
      } else {
        accountId = '1752604059001';
    policy_key.addEventListener('click', function() {;