ApiRTC
BlogSupportSign UpConsole
  • ApiRTC Developer Portal
  • Status Page
  • What is ApiRTC?
    • Key Concepts
    • ApiRTC Architecture
    • Supported browsers
      • Vintage Browsers Compatibility
    • Billing
    • Product Roadmap and releases
  • Terms & Privacy Policies
    • 🍪Cookies
  • Get help & support
  • ApiRTC JS Library
    • QuickStart Guide
    • Where to find ApiRTC library?
    • Developers Guide
    • Video Communication LifeCycle
    • Demo App & Resources
    • Authentication
    • SDKs & Frameworks
      • ReactJS Libraries
        • Getting Started with ApiRTC React Hooks
        • ApiRTC React Hook Lib Reference
      • ReactNative library
      • Android SDK Reference
      • iOS SDK Reference
    • ApiRTC.js Reference
    • Changelog
  • REST APIs & Integration
    • Introduction
    • Apizee REST APIs
    • 3rd-party software integration
    • Webhooks
    • Rate Limits
    • Try it out
  • Other Resources
    • SDK License Agreement
    • ApiRTC Website
    • Blog
    • ApiRTC Community Github
Powered by GitBook
On this page
  • Anonymous user
  • Authentication via login/password
  • Authenticate with a JWT token
  • More about the JWT authentication
  • How to forge a JWT
  • Continue reading about JWT Authentication
Edit on GitHub
  1. ApiRTC JS Library

Authentication

ApiRTC APIs accept several authentication mechanisms

Anonymous user

Anonymous/unidentified users can use ApiRTC library through your apiKey only.

Be mindful that your apiKey is readable by any user.

// Declare a new anonymous UserAgent
// - be mindful of the uri starting by 'apiKey:"
var ua = new apiRTC.UserAgent({uri: 'apiKey:#HERE_YOUR_APIKEY#' });
ua.register({cloudUrl: 'https://cloud.apirtc.com'})
     .then( session => {...});

Authentication via login/password

ApiRTC library and REST APIs supports login/password authentication.

However, for any frontend implementation, we recommend to use a JWT to avoid leaking your identifiers publicly.

// Declare a UserAgent pointing to an existing ApiRTC user account
// - be mindful of the uri starting by 'apirtc:"
var ua = new apiRTC.UserAgent({uri: 'apirtc:#your.login.apirtc@email.com#' });

//Pass your password when registering
ua.register({cloudUrl: 'https://cloud.apirtc.com', password: '#YOUR_PASSWORD_HERE#'})
    .then( session => {...});

Authenticate with a JWT token

ApiRTC library is accepting JWT authentication, whether the token is emitted:

  • by the ApiRTC platform through the authentication endpoint,

// Declare a new anonymous-like UserAgent
// - be mindful of the uri starting by 'apiKey:"
var ua = new apiRTC.UserAgent({uri: 'apiKey:#HERE_YOUR_APIKEY#' });

//When registering, 
ua.register(
    {cloudUrl: 'https://cloud.apirtc.com', 
    id: '#USER_ID#',
    token: "#JWT_STRING_HERE#"})
    .then( session => {...});

More about the JWT authentication

The authentication call-flow is illustrated below:

How to forge a JWT

jsonwebtoken.sign({
    grants: {
      apiRTC_UserAgent_Id: '#YOUR_USER_ID#'
    }
  },
  '#YOUR_SECRET_HERE#',
  {
    header: {
      typ: 'JWT'
    },
    algorithm: 'HS256',
    subject: '#YOUR APIKEY_HERE#',
    audience: 'apiRTC',
    expiresIn: 3600,
    jwtid: uuidv4()
  });
  • #YOUR_USER_ID# is the user identifier used in the external user management system,

Continue reading about JWT Authentication

PreviousDemo App & ResourcesNextSDKs & Frameworks

Last updated 2 years ago

or by any external authentication server that respect the .

To understand the JWT format, here is a code sample using the authentication module:

#YOUR_SECRET_HERE# is a secret key that you get from the interface,

#YOUR APIKEY_HERE# is an apiKey you get from the .

JWT standard
jsonwebtoken
ApiRTC authentication configuration
ApiRTC console
Access token : Using JSON Web Token (JWT) for session authentication
JWT: The Complete Guide to JSON Web Tokens
Introduction to JSON Web Tokens