What is proper 'expiry' value when invoking client.appToken.startSession?

We wrote the Python (3.8) code below, which uses KalturaApiClient version 17.18.0. The ‘expiry’ value we set is 900000.

Our Kaltura API sessions often succeed, and they sometimes fail with “Error ‘-1, INVALID_STR’ (INVALID_KS).” In regard to the ‘expiry’ value, I have assumed that a KS session would expire after N seconds, where N is the value of ‘expiry’ but that seems untrue. The average duration of our successful Kaltura API sessions are longer than the average duration of our failed Kaltura API sessions.

Two questions:

  1. What is expected of the ‘expiry’ value? Is it seconds-since-Epoch or seconds-from-now or something else?
  2. What does “Error ‘-1, INVALID_STR’ (INVALID_KS)” tell us?
expiry = app.config['KALTURA_EXPIRY']
partner_id = app.config['KALTURA_PARTNER_ID']

self.client = KalturaClient(KalturaConfiguration())
result = self.client.session.startWidgetSession(

token_hash = hashlib.sha256((result.ks + app.config['KALTURA_APP_TOKEN']).encode('ascii')).hexdigest()
result = self.client.appToken.startSession(


The params you’re passing when calling appToken.startSession() are incorrect.
See full example for using the appToken service with the Python client here: Kaltura API: Use of appToken gives "access to service [schedule_scheduleevent->list] is forbidden" - #3 by jess

As well as general documentation and an interactive console and code generator here: https://developer.kaltura.com/console/service/appToken/action/startSession

In terms of the expiry (5th argument in the method/action’s signature), it should be an integer representing the number of seconds you want this session to be valid for, default is 86400, or, one day.