Session
In order to communicate with our infrastructure, you need to setup a session and initialize VideoKit with an API token for your App.
To enhance security, VideoKit supports two authentication mechanisms to verify users before accessing our video services: App ID or by Session Token.
| Authentication | Description | Security |
|---|---|---|
| API Token | One Token for all requests | Low security since App Token needs to be shipped with your client builds and could be taken over by reverse engineering your build. |
| Session Token | Every client gets their own session token | High security because every client retrieves their own authentication token through your backend. |
Get API Token for your App
First, you need to access your secret API token that consists of your App ID and a specific Token for authenticating with our backend.
To retrieve your token, login to dashboard.video.io and navigate to Apps → Your App → API TOKEN.
API Token Authentication (less secure)
Go to your AppDelegate and import VideoKitCore.
import VideoKitCore
Call VKSession.current.start from your AppDelegates didFinishLaunchingWithOptions:
func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool {
VKSession.current.start(
apiToken: "your-api-token-from:dashboard.video.io",
identity: "a-unique-id-representing-the-user-or-device") { (sessionState, sessionData, error) in
if let error = error {
print("Session error.")
print(error.localizedDescription)
return
}
print("Session initialization successful.")
}
}
You should now be authenticated and ready to use VideoKit.
Please be aware that this authentication method is not secure and only recommended for development purposes. We recommend to only use the more secure Session Token Authentication in your production environment.
Session ID Authentication (more secure)
Go to your AppDelegate and import VideoKitCore.
import VideoKitCore
Retreive Session Token from your Backend
In order to generate a user session securely, you will need to implement a backend service that knows the API token and is in charge of your user's session management.
To get an idea of how it works, please take a look at our example written in Node.js: https://github.com/Video-io/videokit-nodejs
// This code needs to be adapted to reflect your backend scenario
struct SessionResponse: Decodable {
var sessionToken: String
}
if let url = URL(string: "https://videokit-node-js-example-33sztycg3fx6.runkit.sh/token/unique-user-id") {
URLSession.shared.dataTask(with: url) { data, response, error in
if let data = data {
do {
let res = try JSONDecoder().decode(SessionResponse.self, from: data)
let sessionToken = res.sessionToken
// Use session Token for sign in
} catch let error {
print(error)
}
}
}.resume()
}
Sign in with Session Token
VKSession.current.start(
apiToken: "retrieved-session-token",
identity: "a-unique-id-representing-the-user-or-device") { (sessionState, sessionData, error) in
if let error = error {
print("Session error.")
print(error.localizedDescription)
return
}
print("Session initialization successful.")
}
Node.js Express backend example
Here is a simple example using a Node.js express server:
const { VKitClient } = require('@video-io/videokit-nodejs')
const express = require('express')
const app = express()
const port = 3000
const vkit = new VKitClient({
appSecret: 'YOUR_APP_TOKEN'
})
app.get('/token', async (req, res) => {
const { sessionToken, expiresAt, identity } = await vkit.getSessionToken('END_USER_ID')
res.send(`{"sessionToken": ${sessionToken}`)
})
app.get('/', (req, res) => {
res.send('Session Service')
})
app.listen(port, () => {
console.log(`Video.io session service listening on http://localhost:${port}`)
})
Working example: https://runkit.com/dstuecken/videokit-node-js-example/3.0.0