Authentication

Sariska utilizes JSON Web Tokens (JWTs) to securely authenticate users and devices. JWTs are a standardized, structured, and self-contained method for conveying information between clients as JSON objects. They serve as a mechanism for asserting claims exchanged between two parties. In the context of a JWT, a claim is a declaration about a company or user, accompanied by additional metadata about the token itself. The payload, which is maintained in JSON format, contains a set of claims. JWTs are digitally signed and encrypted for enhanced security.

Sariska generates these tokens on its servers. A single token can be used to access all Sariska services.

async function fetchToken () {
   const payload = {
       method: "POST",
       headers: {
           'Content-Type': 'application/json"
       },
       body: JSON.stringify({
            apiKey: "{your-api-key}",
            user: {  // optional
                id: "ytyVgh",
                name: "Nick",
                email: "nick@gmail.com",
                avatar: "https://some-storage-location/nick.jpg",
                moderator: true
                // If participant is moderator set to true, otherwise leave blank.
                // Sariska will automatically appoint the first participant as moderator if the moderator leaves.
            }
       })
   };

   try {
       const response = await fetch("https://api.sariska.io/api/v1/misc/generate-token", payload);
       if (response.ok) {
          const json = await response.json();
          const token = json.token;
          return token;
       }
   } catch (error) {
      console.log(error);
   }
}
await fetchToken();

import 'dart:convert' as convert;
import 'package:http/http.dart' as http

String fetchToken() async {
  final body = {
    user: {
      // optional
      id: "ytyVgh",
      name: "Nick",
      email: "nick@gmail.com",
      avatar: "https://some-storage-location/nick.jpg",
      moderator: true
      // If participant is moderator set to true, otherwise leave blank.
      // Sariska will automatically appoint the first participant as moderator if the moderator leaves.
    },
    apiKey: "{your-api-key}"
  };

  var url = 'https://api.sariska.io/api/v1/misc/generate-token';
  final response = await http.post(url,
      headers: {"Content-Type": "application/json"}, body: body);
  if (response.statusCode == 200) {
    // If the server did return a 200 OK response,
    // then parse the JSON.
    var body = jsonDecode(response.body);
    return body['token'];
  } else {
    // If the server did not return a 200 OK response,
    // then throw an exception.
    throw Exception('Failed to load data');
  }
}


await fetchToken();

let json: [String: Any] = ["apiKey": "{your-api-key}"]

let body = try? JSONSerialization.data(withJSONObject: json)

guard let url = URL(string: "https://api.sariska.io/api/v1/misc/generate-token") else {
    fatalError("URL could not be reached")
}

var request = URLRequest(url: url)
request.httpMethod = "POST"
request.httpBody = body
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("application/json", forHTTPHeaderField: "Accept")
let session = URLSession.shared

let task = session.dataTask(with: request){
    (data, response, error) in
    if let data = data {
        if let token = String(data: data, encoding: String.Encoding.utf8){
            print(token)
        }
    }else{
        print(error ?? "Error with data in URLSession task")
    }
}

task.resume()

import org.phoenixframework.Channel
import org.phoenixframework.Socket
import okhttp3.*
import java.io.IOException

class PostForm {
   private val client = OkHttpClient()
   
   fun run(): Response {
      val formBody = FormBody.Builder().add("apiKey", "{your-api-key}").build()
      val request = Request.Builder()
        .url("https://api.sariska.io/api/v1/misc/generate-token").post(formBody)
        .addHeader("Accept", "application/json")
        .build()
    client.newCall(request).execute().use { response ->
      if (!response.isSuccessful) throw IOException("Unexpected code ${response.code()}")
      return response
    }
  }

fun main() {
  PostForm().run()
}

import android.annotation.TargetApi;
import android.os.Build;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import java.io.IOException;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;

public class Utils {

    @TargetApi(Build.VERSION_CODES.KITKAT)

    public static String fetchToken() throws IOException {
        OkHttpClient client = new OkHttpClient();  
        
        final MediaType JSON = MediaType.parse("application/json; charset=utf-8");
        String url = "https://api.sariska.io/api/v1/misc/generate-token";
        String json = "{\"apiKey\":\"{your-api-key}\"," +
                "\"user\":{\"id\":\"112233\"," +
                "\"name\":\"testUser\"," +
                "\"email\":\"test.user@sariska.io\"," +
                "\"moderator\":\"true\"," +
                "\"avatar\":\"null\"}}";

        RequestBody body = RequestBody.create(JSON, json);
        
        Request request = new Request.Builder()
                .url(url)
                .post(body)
                .addHeader("Content-Type", "application/json")
                .build();
                
        try(Response response = client.newCall(request).execute()){
            String responseString = response.body().string();
            responseString = "[" + responseString + "]";
            JSONArray array = new JSONArray(responseString);
            String finalResponse = null;
            for(int i=0; i < array.length(); i++) {
                JSONObject object = array.getJSONObject(i);
                finalResponse = object.getString("token");
            }
            return finalResponse;
        } catch (JSONException e) {
            e.printStackTrace();
            return null;
        }
    }
}

using System.Collections;
using System.Collections.Generic;
using System.Net;
using System.IO;
using System.Text;
using UnityEngine;

public class GenerateToken
{
    public static Token GetToken(string RoomName)
    {
        HttpWebRequest request;
        string data = "{\"apiKey\":\"{your-api-key}\"," +
                "\"user\":{\"id\":\"99266\"," +
                "\"name\":\"SpiderMan\"," +
                "\"email\":\"farfromhome@spideysense.com\"," +
                "\"avatar\":\"null\"}}";
        byte[] dataBytes = Encoding.UTF8.GetBytes(data);
        Debug.Log("Creating request");
        request = (HttpWebRequest)(WebRequest.Create("https://api.sariska.io/api/v1/misc/generate-token"));
        Debug.Log(request);
        Debug.Log("Done Creating request");
        request.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;
        request.ContentLength = dataBytes.Length;
        request.ContentType = "application/json";
        request.Method = "POST";
        using (Stream requestBody = request.GetRequestStream())
        {
            requestBody.Write(dataBytes, 0, dataBytes.Length);
        }
        HttpWebResponse response = (HttpWebResponse)request.GetResponse();
        Debug.Log(response.StatusCode + "Response Code");
        StreamReader reader = new StreamReader(response.GetResponseStream());
        string json = reader.ReadToEnd();
        return JsonUtility.FromJson<Token>(json);
    }
}

Parameter

Type

Description

apiKey

Required

Your Sariska.io API key.

user

Optional

A unique identifier for the user. If not provided, Sariska will generate one automatically.

exp

Optional

The expiration time of the token. The default is 24 hours. You can specify a custom expiration time using the following formats: 2 seconds, 2 minutes, 2 hours, 2 days, 2 weeks, or 2 years.

nbf

Optional

The time before which the token is not valid. The token will not be accepted for processing until the current date/time is after or equal to the value of this field. You can specify a custom nbf value using the following formats: 2 seconds, 2 minutes, 2 hours, 2 days, 2 weeks, or 2 years.

scope

Optional

The scope of the token. By default, tokens can be used for integrating media, messaging, and collaboration services. You can restrict the scope to one or more of these services using the following values: messaging, co-browsing, or media. Leave this field blank to use all services.

Last updated 1 year ago