100ms Logo



Search docs

Authentication and Tokens

App Token

100ms client-side SDKs use App Tokens to authenticate a peer (participant) while joining a room. Generate this token on the server-side and make it available for your client-side apps that use the 100ms SDKs.

  • To create the App Token, use the app_access_key and app_secret from the developer section in your 100ms dashboard.
  • room_id: This is the unique identifier for your room. You can get it from the rooms page in your dashboard or in the response payload of the create room server-side API.
  • user_id: This identifier can be used to map a 100ms peer to your own internal user object for business logic. Specify your internal user identifier as the peer’s user_id. If not available, use any random string.

Code sample: Generate app token

var jwt = require('jsonwebtoken'); var uuid4 = require('uuid4'); var app_access_key = '<app_access_key>'; var app_secret = '<app_secret>'; var payload = { access_key: app_access_key, room_id: '<room_id>', user_id: '<user_id>', role: '<role>', type: 'app', version: 2, iat: Math.floor(Date.now() / 1000), nbf: Math.floor(Date.now() / 1000) }; jwt.sign( payload, app_secret, { algorithm: 'HS256', expiresIn: '24h', jwtid: uuid4() }, function (err, token) { console.log(token); } );


Your app key and secret carry many privileges, please ensure to keep them secure.

Management Token

For setting up management tokens for server side API requests, please refer to the authentication guide in server-side API section.