Skip to main content
Android
iOS
Web
Electron

Authenticate REST calls

Before using RESTful API, set up REST authentication. The following REST authentication methods are available:

  • AccessToken2 authentication

    Fill in the Authorization field with agora token= followed by the Signaling SDK AccessToken2 generated from your server.

  • AccessToken authentication

    You need to fill the x-agora-token and x-agora-uid fields in the request header with the following information:

    • The Signaling SDK AccessToken generated from your server
    • The Signaling SDK user ID used to generate the Signaling token

    Implement HTTP basic authentication or token authentication on the server; otherwise, you may encounter the risk of data leakage.

info

Implement authentication on the server to mitigate the risk of data leakage.

Implement token authentication

  1. Generate the token for your app.

  2. Enter the Signaling token and the Signaling user ID into the x-agora-token and x-agora-uid fields of the HTTP request header, respectively.

AccessToken2 authentication sample code

The following sample codes implement AccessToken2 authentication and send a request with the Signaling RESTful API to get Signaling user events.

import java.io.IOException;import java.net.URI;import java.net.http.HttpClient;import java.net.http.HttpRequest;import java.net.http.HttpResponse;// Token authentication example in Java using the Signaling user events RESTful APIclass TokenAuthExample {    public static void main(String[] args) throws IOException, InterruptedException {        // Signaling token        final String tokenValue = "input your token value here";        // App ID        final String appID = "input your app ID here";        String urlStr = String.format("https://api.agora.io/dev/v2/project/%s/rtm/vendor/user_events", appID);        String authValue = String.format("agora token=%s", tokenValue);        // Create request object        HttpRequest request = HttpRequest.newBuilder()                .uri(URI.create(urlStr))                .GET()                .header("Authorization", authValue)                .header("Content-Type", "application/json")                .build();        // Send request        HttpClient client = HttpClient.newHttpClient();        HttpResponse<String> response = client.send(request,                HttpResponse.BodyHandlers.ofString());        System.out.println(response.body());    }}

AccessToken authentication sample code

The following sample codes implement AccessToken authentication and send a request with the Signaling RESTful API to get Signaling user events.

import java.io.IOException;import java.net.URI;import java.net.http.HttpClient;import java.net.http.HttpRequest;import java.net.http.HttpResponse;import java.util.Base64;// Token authentication example in Java using the Signaling user events RESTful APIpublic class Base64Encoding {    public static void main(String[] args) throws IOException, InterruptedException {        // Signaling Token        String token = "Your Signaling token";        // User ID used to generate the Signaling token        String uid = "test_user";        HttpClient client = HttpClient.newHttpClient();        // Create request object        HttpRequest request = HttpRequest.newBuilder()                .uri(URI.create("https://api.agora.io/dev/v2/project/<Your App ID>/rtm/vendor/user_events"))                .GET()                // Add the x-agora-token field to the header                .header("x-agora-token", token )                // Add the x-agora-uid field to the header                .header("x-agora-uid", uid)                .header("Content-Type", "application/json")                .build();        // Send request        HttpResponse<String> response = client.send(request,                HttpResponse.BodyHandlers.ofString());        System.out.println(response.body());    }}
vundefined