Authentication

Have a look at the Authentication overview and Watch Together overview.

An Access Token is needed in order to allow a client to connect to a Session.

Note: It is important that the client application does not request an Access Token directly from the frontend. By doing that you risk exposing the API_TOKEN and API_SECRET.

  • To learn how to acquire an Access Token please look at the Cluster Authentication Server (CAS) reference

  • To simplify the tutorial, in the section below you can see an example of getting an Access Token.

Acquiring an Access Token

curl -iL --request GET --url https://YOUR_CAS_URL/stream/token/v2/ --header 'auth-api-key: API_KEY'   --header 'auth-api-secret: API_SECRET'

The Access Token is a JWT token - more about jwt you can read - here.

A successful response will look like that:

{
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...."
}

You can get your API_KEY and API_SECRET in your private area, here.

Note: Every Streaming Token corresponds to one specific Session only. To allow two different clients to connect to the same Session, the clients need to use the same Access Token.

Going to production

When moving from the Sandbox environment to production you will need to implement your own authentication server. This server will supply the various clients (Web, Android, and iOS) with a valid Access Token so that they can use the service.

For that you will need:

Last updated