Authentication

Anonymous user

Anonymous/unidentified users can use ApiRTC library through your apiKey only.

// Declare a new anonymous UserAgent
// - be mindful of the uri starting by 'apiKey:"
var ua = new apiRTC.UserAgent({uri: 'apiKey:#HERE_YOUR_APIKEY#' });
ua.register({cloudUrl: 'https://cloud.apirtc.com'})
     .then( session => {...});

Authentication via login/password

ApiRTC library and REST APIs supports login/password authentication.

However, for any frontend implementation, we recommend to use a JWT to avoid leaking your identifiers publicly.

// Declare a UserAgent pointing to an existing ApiRTC user account
// - be mindful of the uri starting by 'apirtc:"
var ua = new apiRTC.UserAgent({uri: 'apirtc:#[email protected]#' });

//Pass your password when registering
ua.register({cloudUrl: 'https://cloud.apirtc.com', password: '#YOUR_PASSWORD_HERE#'})
    .then( session => {...});

Authenticate with a JWT token

ApiRTC library is accepting JWT authentication, whether the token is emitted:

• by the ApiRTC platform through the authentication endpoint,

• or by any external authentication server that respect the JWT standard.

More about the JWT authentication

The authentication call-flow is illustrated below:

How to forge a JWT

To understand the JWT format, here is a code sample using the jsonwebtoken authentication module:

• #YOUR_USER_ID# is the user identifier used in the external user management system,

• #YOUR_SECRET_HERE# is a secret key that you get from the ApiRTC authentication configuration interface,

• #YOUR APIKEY_HERE# is an apiKey you get from the ApiRTC console.

Continue reading about JWT Authentication

• Access token : Using JSON Web Token (JWT) for session authentication

• JWT: The Complete Guide to JSON Web Tokens

• Introduction to JSON Web Tokens