CODEWITHSUNDEEP
curltwilio
Thomas Carlton
Thomas Carlton

Reputation: 5968

How to create a twilio video access token using CURL?

We are creating a video application using Twilio Video API.

We are not using a standard langage (C#, Node.Js, PHP, Ruby, Phython, Java). So we are using HTTP commands.

In the documentation for creating a room for example (here : https://www.twilio.com/docs/video/api/rooms-resource#), there is a documentation regarding how to create a room using CURL. So we are using these commands :

curl -X POST https://video.twilio.com/v1/Rooms \
--data-urlencode "UniqueName=DailyStandup" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN

However for creating an Access Token, there is no example how to do that in CURL. There is only (C#, Node.Js, PHP, Ruby, Python, Java) here : https://www.twilio.com/docs/video/tutorials/user-identity-access-tokens#generate-helper-lib

See screenshot attached:

enter image description here

How can I create an access token using CURL?

Upvotes: 0

Views: 663

Answers (2)

philnash
philnash

Reputation: 73055

To follow up on Miguel's answer, there is documentation on how to generate Twilio Access Tokens. A Video Access Token requires an identity and video grant. The video grant can optionally contain a room property that contains a room name or SID. If a video grant has the room property, the Access Token can only be used to enter the defined room.

The payload of an Access Token with a Video grant looks like this:

{
  "jti": "SKAPIKEY-1648079388",
  "grants": {
    "identity": "philnash",
    "video": {
      "room": "
    }
  },
  "iat": 1648079388,
  "exp": 1648082988,
  "iss": "SKAPIKEY",
  "sub": "ACCOUNT_SID"
}

There is also a Twilio CLI plugin that can be used on the command line to generate Access Tokens, which you may find useful. When you've installed the plugin, you can use it to generate a token with the command:

twilio token:video --identity=<identity>

Upvotes: -1

Miguel Grinberg
Miguel Grinberg

Reputation: 67507

Access tokens can be generated locally in the server, without curl. These are standard JWTs that use the HS256 signing algorithm. The signing key is the secret of the API key that you are using.

The payload of the JWT is going to be a bit tricky to generate. Depending on what grant(s) you want to assign to the token the payload contents are going to vary. My recommendation is that you generate a valid token using one of the Twilio helper libraries, then decode its payload and generate the same format. You can decode a JWT token at https://jwt.io.

Upvotes: 2

Related Questions