To connect to Vidyo.io, the VidyoClient SDK needs to pass a token. A token is a short-lived authentication credential that grants access to the Vidyo.io service on behalf of the developer to a specific user. When an endpoint requests access to the service, your application backend should generate a token and pass it on to the client application.
Important: Never generate a token in the client application itself - this exposes your DeveloperKey which can then be used by other developers.
For each application, you must create a DeveloperKey and ApplicationID in the API Key section of the Vidyo.io site and securely store it in your application backend. Then, each time you need to grant access to the Vidyo.io service, you must generate a Token from the DeveloperKey and ApplicationID as described below and pass it to their endpoint application or the VidyoConnector application.
Tokens can be rather long (typically 200 characters or more), so plan accordingly.
DeveloperKey and ApplicationID are “static” in your application. You will also need to provide a user name and an expiration time whenever you need to generate a token for a user.
A DeveloperKey is a shared secret between the Vidyo.io service and the developer’s backend application. It is used to generate access tokens on the customer backend and should never be sent to the endpoint itself. Access to the DeveloperKey should be restricted since every token that is signed by it will be used for access and billing.
The ApplicationID identifies your application when connecting to the Vidyo.io platform. You can automatically provision any user (for example, user1@ApplicationID) when generating a token.
A token is associated to a specific user in Vidyo.io. To that end, when a token is generated, a user name needs to be provided. The user name is an open-ended alphanumeric string ([a-z,A-Z,0-9]) of your choosing which will be provisioned on the fly.
Each token has a lifetime. Its lifetime is determined when the token is generated by specifying the number of seconds until it expires.
Expiration ensures that access to the system is secure and isn’t open to abuse.
python3 generateToken.py --key=rUlaMASgt1Byi4Kp3sKYDeQzo --appID=ApplicationID --userName=user1 --expiresInSecs=10000
java -jar generateToken.jar --key=rUlaMASgt1Byi4Kp3sKYDeQzo --appID=ApplicationID --userName=user1 --expiresInSecs=10000
node generateToken.js --key=rUlaMASgt1Byi4Kp3sKYDeQzo --appID=ApplicationID --userName=user1 --expiresInSecs=10000
GenerateToken.exe --key=rUlaMASgt1Byi4Kp3sKYDeQzo --appID=ApplicationID --userName=user1 --expiresInSecs=10000
Get and prepare these four items to pass to the VidyoClient SDK.
Use the following curl command:
curl -H “Content-Type: application/json” -X POST https://trro08dgr7.execute-api.us-east-1.amazonaws.com/dev/token_generate -d ‘{“key”: “xxxx”, “appID”: “xxxx.vidyo.io”, “userName”: “xxx”, “expiresInSecs”: “999999999”}’