Generate Signature

Each request to start and join a session must be authenticated by an encrypted signature authorizing each user to enter. A signature must be generated each time you join a session through a backend (server-side) function where your credentials can be stored securely.

This signature is used in the client.join method. Follow the guide to Launch a Session once this is set up.

Within your application, create a server-side function to generate a signature based on dynamic session inputs.

Signature parameters:

Name Description
sdkKey SDK Key of your account
sdkSecret SDK Secret of your account
sessionName Session being joined
password Session password

Optional parameters:

Name Description
sessionKey A unique identifier for the session that you can set to track the session, instead of relying on the human-friendly sessionName.
userIdentity A unique identifier for the user that you set to track users instead of relying on the human-friendly userName.

Sample generate signature function

Generating a signature requires sdkKey and sdkSecret. In the sample function below we use jsrsassign, an open source cryptographic JavaScript library.

import { KJUR } from "jsrsasign";

function generateVideoToken(sdkKey, sdkSecret, topic, password = "") {
  let signature = "";
  // try {
  const iat = Math.round(new Date().getTime() / 1000);
  const exp = iat + 60 * 60 * 2;

  // Header
  const oHeader = { alg: "HS256", typ: "JWT" };
  // Payload
  const oPayload = {
    app_key: sdkKey,
    tpc: topic,
    pwd: password,
  // Sign JWT
  const sHeader = JSON.stringify(oHeader);
  const sPayload = JSON.stringify(oPayload);
  signature = KJUR.jws.JWS.sign("HS256", sHeader, sPayload, sdkSecret);
  return signature;

); // call the generateVideoToken function

Simple Signature Setup

To quickly, easily, and securly generate a signature for the Video SDK, checkout the Signature Sample App, or deploy the signature sample app to a Heroku instance by clicking “Deploy to Heroku”:


After clicking the “Deploy to Heroku” button, enter your JWT API Key and API Secret, then click “Deploy app”.

Once your app is deployed, make a POST request to your Heroku URL with the a request body with the following parameters:

Body Description
sessionName Session Name of your choice.
sessionPasscode Session Passcode of your choice.

Example request

POST https://{sub_domain}

Request body

  "sessionName": "Cool Cars",
  "sessionPasscode": "Ilovecars!"


If successful, the response body will be a JSON representation of your signature:

  "signature": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9eyJhcHBfa2V5IjoiQVBJS0VZSEVSRSIsImlhdCI6MTYyMDI0NzE2OSwiZXhwIjoxNjIwMjU0MzY5LCJ0cGMiOiJDb29sIENhcnMiLCJwd2QiOiJJbG92ZWNhcnMhIn0="

Pass signature to Video SDK

In the Video SDK, pass in the signature to the client.join method:

// make http request to your server to get the signature

  topic: sessionName,
  signature: signature,
  userName: userName,
  password: sessionPasscode,
).then((data) => {
}).catch((error) => {