Security Keys

There is a new release of the Developer Center! If you'd like to check it out, please click  here

Security Keys

Introduction

This page describes how to use security keys with the Agora SDK.

App ID

After signing up at Dashboard, multiple projects can be created. Each project will be assigned a unique App ID. Anyone with your App ID can use it on any Agora SDK. Hence, it is prudent to safeguard the App IDs.

Signaling Key

Agora recommends using a Signaling Key for added security.

How to Get and Use an App ID

Get an App ID

Each Agora account can create multiple projects, and each project has a unique App ID.

  1. Sign up for a new account at https://dashboard.agora.io/.

  2. Click Add New Project on the Projects page of the dashboard.

  3. Fill in the Project Name and click Submit.

    ../_images/create_project.png
  4. Find the App ID under the created project.

Use an App ID

Access the Agora services by using your unique App ID:

  1. Enter the App ID in the start window to enable voice or video communication in the demo.
  2. Add the App ID to the code when developing the application.
  3. Set the appId parameter as the App ID when calling APIs.

Get a Signaling Key

Step 1: Get an App ID

Get an App ID.

Step 2: Get an App Certificate

Each Agora account can create multiple projects, and each project has a unique App ID and App Certificate.

  1. Login to https://dashboard.agora.io.

  2. Click Add New Project on the Projects page of the dashboard.

  3. Fill in the Project Name and click Submit. Find the App ID under the created project.

    ../_images/create_project.png
  4. Enable the App Certificate for the project.

    • Click Edit on the top-right of the project.

    • Click Enable to the right of the App Certificate. Read About App Certificate before confirming the operation.

      ../_images/enable_app_cert.png
    • Click the ‘eye’ icon to view the App Certificate. You can re-click this icon to hide the App Certificate.

      ../_images/view_app_certificate.png

Note

  • Contact support@agora.io to renew an App Certificate.
  • Keep the App Certificate on the server, never on any client machine.
  • It takes about an hour for the App Certificate to take effect after it is enabled.
  • Once the App Certificate is enabled for a project, a Signaling Key must be used. For example, before enabling the App Certificate, an App ID can be used to join a channel; but once an App Certificate is enabled, a Signaling Key must be used to join a channel.

Step 3: Integrate the Schema

Use the following algorithm to generate a token (Signaling Key):

Input:

appId             = "C5D15F8FD394285DA5227B533302A518" //App ID
appCertificate    = "fe1a0437bf217bdd34cd65053fb0fe1d" //App Certificate
expiredTime       = "1546271999" // Authorized Timestamp
account           = "test@agora.io" //The User ID defined by the client.

Use the following field names in the sequence:

Field Name Type Length Description
Version String   Signaling Key version number, fixed as 1.
App ID String 32 App ID provided by Agora, obtained at https://dashboard.agora.io.
Authorized Timestamp Number 10 UTC timestamp represented by the number of seconds elapsed since 1/1/1970. Indicates the exact time when a party can no longer use the Agora service (for example, when someone is forced to leave an ongoing call).
Sign String 32

Hex code for the signature. A string calculated by the MD5 algorithm based on inputs including the App Certificate and the following fields:

  • account: User ID defined by the client.
  • appId: A 32-character App ID string.
  • appCertificate: A 32-character App Certificate string.
  • expiredTime: UTC timestamp indicating the specific moment when a user cannot access the Agora Signaling System.

Output:

token       = "1:appId:expiredTime:md5(account + appId + appCertificate + expiredTime)"
            = "1:C5D15F8FD394285DA5227B533302A518:1546271999:md5(test@agora.ioC5D15F8FD394285DA5227B533302A518fe1a0437bf217bdd34cd65053fb0fe1d1546271999)"
            = "1:C5D15F8FD394285DA5227B533302A518:1546271999:5c0ee12fdf2020d0d0fdad04d6395473"

The generated token is the Signaling Key used to login the Agora signaling system for Step 4: Use a Signaling Key.

Step 4: Use a Signaling Key

Before a user requests to login the Agora signaling system:

  1. The client application requests authentication from your organization’s business server.
  2. The server, upon receiving the request, uses the algorithm provided by Agora to generate a Signaling Key and then passes the Signaling Key back to the client application. The Signaling Key is based on the App Certificate, App ID, and User ID defined by the client, and the Authorized Timestamp.
  3. The client application calls the login method, and is required to set the token parameter as the generated Signaling Key.
  4. The Agora server receives the Signaling Key and confirms that the call comes from a legitimate user, then allows the user to access the Agora Signaling System.
Is this page helpful?