The Agora RTM SDK provides two authentication methods:
- App ID
- RTM token
The following figure shows scenarios for using security keys:
Use an App ID for authentication
After signing up for a developer account in Agora Console, you can create multiple projects. Each project has an App ID, which is the unique identity of the project. If others steal your App ID, they can use it in their own projects. Therefore, using an App ID for authentication is less secure. Agora recommends using an App ID for authentication only in a test environment, or if your project has low security requirements.
- Sign up for a new account at https://sso.agora.io/en/login.
- Click Create on the Overview page in Console.
- Enter the project name in Project Name and click Submit.
- Find the App ID under the created project.
You must set the
appId parameter as the App ID when initializing the client.
Use an RTM token for authentication
Complete the following steps to get and use an RTM token.
Step 1: Get an App ID
See Get an App ID.
Step 2: Get an App Certificate
- Log in Agora Console.
- Click Overview in the left navigation menu to go to the Projects page in Console.
- Enable the App Certificate for the project.
- Click to the right of the created project.
- Click Enable to the right of the App Certificate. Read About App Certificate before confirming the operation.
- Click to view the App Certificate. You can re-click this icon to hide the App Certificate.
- The App Certificate takes about an hour to take effect after it is enabled. Once the App Certificate is enabled for a project, you can use only a token for authentication.
- You do not have to set Signaling token debugging switch because it does not affect RTM projects.
Step 3: Create an RTM token generator
Agora provides an open source Agora Dynamic Key repository on GitHub. The
./<language>/src folder of each language holds source codes for generating different types of dynamic keys and tokens. You can use
RtmTokenBuilder to generate an RTM Token. The
./<language>/sample folder of each language holds token generator examples that Agora creates for demonstration purposes.
RtmTokenBuilderSample is a demo for generating an RTM token.
RtmTokenBuilder parameter description (C++)
static std::string buildToken(const std::string& appId, const std::string& appCertificate, const std::string& userAccount, RtmUserRole userRole, uint32_t privilegeExpiredTs = 0);
|appId||The App ID of your project.|
|appCertificate||The App Certificate of your project.|
|userAccount||The user ID of the RTM system.|
|userRole||The user role. Agora supports only one user role. Set the value as the default value
|privilegeExpiredTs||This parameter is currently invalid. You can ignore this parameter.|
Step 4: Deploy an RTM token generator to production
Complete the following steps to deploy an RTM token generator to production:
- Implement an RTM generator on the server.
- The client sends a request to get an RTM token from the server whenever a token is required.
- The server receives the request, generates an RTM token, and sends the token to the client.
- The client calls
renewTokento update the RTM token.