100ms Logo



Search docs

Authentication and tokens

Management Token

100ms uses management tokens to authenticate REST APIs. The service required to generate this token should be hosted on your server. You must use the app_access_key and app_secret from the developer section in your 100ms dashboard to create the management token.

Code sample: Generate management token

var jwt = require('jsonwebtoken'); var uuid4 = require('uuid4'); var app_access_key = '<app_access_key>'; var app_secret = '<app_secret>'; jwt.sign( { access_key: app_access_key, type: 'management', version: 2, iat: Math.floor(Date.now() / 1000), nbf: Math.floor(Date.now() / 1000) }, app_secret, { algorithm: 'HS256', expiresIn: '24h', jwtid: uuid4() }, function (err, token) { console.log(token); } );


Your app key and secret carry many privileges, please ensure to keep them secure. All requests must be made over HTTPS. Requests made over plain HTTP and without a management token will fail.

App token

For setting up app tokens for client apps, please refer to the authentication guide in client SDK section.