System overview
Shortkit is structured as three tightly integrated layers:- Client Layer - Your app embeds the Shortkit SDK, which handles feed UI, video playback, and event collection
- Platform Layer - API Gateway routes requests to backend services (Content, Feed, Analytics, Config, Ads, User Signals)
- Infrastructure Layer - CDN, transcoding pipeline, and storage handle video processing and delivery
Client SDK layer
The Client SDK is embedded within your host application. It handles:- Feed UI rendering - Vertical/horizontal scrolling video feed with configurable controls
- Video playback - Custom media pipelines with adaptive bitrate streaming
- Signal collection - Engagement events (impressions, watch time, completions)
- Remote configuration - Fetching config overlays and A/B test variants
- Ad integration - Native ad rendering via Google IMA SDK
Platform-specific implementations
| Platform | Player Architecture |
|---|---|
| iOS | Custom pipeline on AVFoundation (AVSampleBufferDisplayLayer, AudioToolbox). Bypasses AVPlayer to enable DASH, multi-codec ABR, and granular buffer control. |
| Android | Built on Media3/ExoPlayer with custom extensions for buffer management and signal collection. |
| React Native | Native bridge to iOS and Android implementations. Single SDK package detects platform and delegates accordingly. |
| Web | Custom player using hls.js (HLS) and dash.js (DASH) with unified API surface. |
Backend services
Content Service
Manages video assets throughout their lifecycle: creates content records on upload, triggers transcoding jobs, manages metadata, and handles state transitions (processing → ready → archived).Feed Service
Computes personalized, ranked feeds by applying the signal-weighted ranking algorithm, incorporating editorial overrides, enforcing content filters, and returning content with streaming URLs.Analytics Service
Ingests engagement events with real-time processing (ranking signals update within 60 seconds) and aggregate reporting for dashboards. Also tracks quality metrics like startup time and rebuffering.Config Service
Manages remote SDK configuration, A/B experiment definitions, and variant assignments. Delivers sparse config responses containing only fields that differ from defaults.Ad Service
Handles ad placement configuration, frequency rules, Google IMA integration, and aggregates ad performance metrics.User Signal Service
Stores per-user engagement profiles keyed by user ID or anonymous device ID. Tracks topic affinities and supports identity resolution when users authenticate.Infrastructure layer
Transcoding pipeline
On ingest, every video is processed into:- ABR ladder - Multiple quality renditions (1080p down to 144p) in H.264 and AV1 codecs
- Streaming manifests - HLS (.m3u8) and DASH (.mpd) outputs
- Thumbnails - First-frame images at each resolution
- Preview assets - Animated previews for mini-player widgets
CDN delivery
Video segments and assets are served via CDN with edge caching, origin shielding, signed URLs for access control, and custom domain support.Storage
Durable storage for original source files, transcoded segments, thumbnails, and caption tracks.Data flows
Video playback
- Your app displays the feed via the SDK
- SDK requests ranked content from
GET /v1/feed - Feed Service returns content list with signed streaming URLs
- SDK fetches HLS/DASH manifest from CDN
- SDK fetches and renders video segments
Content upload
- Your server requests an upload session via
POST /v1/uploads - API returns a signed upload URL
- Your server uploads the video file directly to storage
- Transcoding pipeline processes the video
- Webhook notifies your server when content is ready
Engagement tracking
- SDK batches engagement events locally
- SDK sends events via
POST /v1/events - Analytics Service processes events and updates ranking signals (within 60 seconds)
- Aggregated metrics appear in dashboards
Authentication model
Each organization receives two API keys:| Key Type | Prefix | Usage | Security |
|---|---|---|---|
| Publishable | pk_ | SDK initialization, feed requests | Safe for client-side code |
| Secret | sk_ | Server-to-server API, Admin Portal | Never expose in client code |
User identity
The SDK manages identity in two phases:- Anonymous - Device-generated UUID on first launch
- Identified - Your app’s user ID after authentication
Security
- All API communication over TLS 1.2+
- API keys hashed at rest
- Signed CDN URLs with configurable expiry (default: 6 hours)
- Webhook requests signed with HMAC-SHA256
- Per-organization data isolation