Skip to main content
Version: Android SDK v1.3.0

Sessions

The VideoKit object is automatically initialized on application start-up, but in order to communicate with our servers, you will need to start a session using your Video.io API token.

Get an API token

All Video.io APIs should be authenticated using the Video.io API token. To retrieve your token, login to dashboard.video.io and navigate to Apps → Your App → API TOKEN.

Start a session

As said, a session should be created before using any other Video.io API that communicates with our servers. What is the right moment to start a session?

  • If your app has no login system, the session can be safely started in Application.onCreate()
  • If users login into your app, the session should be bound to the login lifecycle. In other words, you can start a Video.io session whenever you know the user ID.

Sessions are started through the session manager (VideoKit.sessions()) and require you to pass the API token and an identifier of the current logged in user. This identifier is extremely important because performing certain operations on videos require a session that uses the same identifier with which the video was created for the first time.

val sessions: SessionManager = VideoKit.sessions()
sessions.start(TOKEN, currentUserIdentifier).onSuccess {
// Authenticated!
}.onError {
// Something went wrong.
}

As you can see, the start() method returns a Call object described here.

Start a session securely

To improve security, the session token management should be handled by your backend, following the flow:

  • your app communicates with your server, e.g. at login time, asking for a video.io session token
  • your server communicates with video.io using the REST API or the Node.js SDK, passing the API token and the user ID and receiving back the user session token.
  • your app receives the session token from server, and notifies the VideoKit SDK through the session manager:
val sessions: SessionManager = VideoKit.sessions()
sessions.start(sessionToken)

In this case no async Call object is returned - it is your responsibility to check that the session token is valid and not expired.

Scoped sessions

In addition to token and identifier, the session manager can take an array of strings identifying the user role and permissions. Please check the REST API documentation for a list of scopes and what then mean.

Stop a session

To clear the current session, simply call stop():

val sessions: SessionManager = VideoKit.sessions()
sessions.stop()

Check the session state

To access the current session, simply call get() or collect the session flow SessionManager.session. You can also add and remove session observers, which can be useful in certain scenarios.

val sessions: SessionManager = VideoKit.sessions()
val session: Session? = sessions.get()
sessions.addObserver(object : SessionManager.Observer {
override fun onSessionChanged(session: Session?) {
// Session changed!
}
})

Session loader

In addition or in replacement to the session management described above, you have the chance to provide a session loader object with the SessionManager.loader property.

VideoKit.sessions().loader = object : SessionLoader {
override suspend fun load(manager: SessionManager) {
// call manager.start() before returning!
}
override suspend fun load(manager: SessionManager, expired: Session) {
// call manager.start() before returning!
}
}

The loader callbacks will be invoked when trying to call a remote, authenticated API with no session or expired session. This way you have a chance to provide your own session when needed.