Authentication and Tokens

Management Token

Any service calling 100ms' REST APIs need to authenticate using a management token. The service required to generate this token should be hosted on your server

Sample management token generation code

var jwt = require('jsonwebtoken'); var uuid4 = require('uuid4'); var app_access_key = '<app_access_key>'; var app_secret = '<app_secret>'; jwt.sign( { access_key: app_access_key, type: 'management', version: 2, iat: Math.floor(Date.now() / 1000), nbf: Math.floor(Date.now() / 1000) }, app_secret, { algorithm: 'HS256', expiresIn: '24h', jwtid: uuid4() }, function (err, token) { console.log(token); } );

Warning

Don't expose management token to client apps.

App Token

App Token will be used by Client-side apps while instantiating 100ms' SDKs. It is used for joining the conference. This token generating service should be hosted on your server

Sample app token generation code

var jwt = require('jsonwebtoken'); var uuid4 = require('uuid4'); var app_access_key = '<app_access_key>'; var app_secret = '<app_secret>'; var payload = { access_key: app_access_key, room_id: '<room_id>', user_id: '<user_id>', role: '<role>', type: 'app', version: 2, iat: Math.floor(Date.now() / 1000), nbf: Math.floor(Date.now() / 1000) }; jwt.sign( payload, app_secret, { algorithm: 'HS256', expiresIn: '24h', jwtid: uuid4() }, function (err, token) { console.log(token); } );