Skip to main content

Server Setup

To begin working with the VideoSDK, you need to setup a server that can authenticate & validate your API key and secret which we generated in the previous step. Follow this Signup & Create API Key if you haven't generated API key and secret.

For server setup, you'll need the following APIs:

  1. GET get-token : By providing API key and secret, this API will return accesstoken. We'll discuss in depth how to achieve it.

  2. POST create-meeting : By providing generated access token, this API will return dash(-) separated meetingId, for example abc-pqr-xyz.

  3. POST validate-meeting/:meetingId : By providing generated meetingId as a path parameter, this API will only validate the provided meetingId and return a 200 statusresponse. This API is for verification purpose only [OPTIONAL].

note

You can integrate this APIs in client side also.

Why we use token based Authentication ?

Token based authentication allow users to verify their identity by providing generated API key and secrets.

  • Your server will generate access token using your API key and secret
  • Your client obtains token from your backend server.
  • For token validation, client will pass this token to VideoSDK.
  • VideoSDK server will only allow entry in meeting if the token is valid.

Here is the simple sequence diagram represents the authentication.

sequenceDiagram Your App Client->>Your App Server: Request for token; activate Your App Server; Note left of Your App Server: Generate token; Your App Server-->>Your App Client: Received token; deactivate Your App Server; Your App Client->>VideoSDK Server: Request to establish connection; activate VideoSDK Server; Note left of VideoSDK Server: Validates Token; VideoSDK Server-->>Your App Client: Connection established; deactivate VideoSDK Server;

Code Sample

For Node server environment, refer this GUIDE, download the code sample videosdk-rtc-nodejs-sdk-example and for other server environment you can continue with below topic.

Generate Accees Token and integrate other API's

For security, every participant that connects to meeting needs a access token. By substituting apikey and permissions in it.

var jwt = require("jsonwebtoken");
var uuid4 = require("uuid4");

// Need to generate from app.videosdk.live
const API_KEY = "API_KEY_GENERATED";
const SECRET_KEY = "API_SECRET_KEY_GENERATED";

jwt.sign(
{
apikey: API_KEY,
permissions: ["allow_join"], // Permission to join the meeting
},
SECRET_KEY,
{
algorithm: "HS256",
expiresIn: "24h",
jwtid: uuid4(),
},
function (err, token) {
console.log(token);
}
);

Available permissions are:

  • allow_join: The participant is allowed to join the meeting directly.
  • ask_join: The participant requires to ask for permission to join the meeting.
  • allow_mod: The participant is allowed to toggle webcam & mic of other participants.

For other APIs you can follow Create Meeting & Validate Meeting.