RESTful authentication

Before using an Agora RESTful API, you need to setup REST authentication.

Available REST authentication methods are:

• Basic HTTP authentication

  You need to generate a Base64-encoded credential with the Customer ID and Customer Secret provided by Agora and pass the credential to the Authorization parameter in the request header.

Implement authentication on the server; otherwise, you may encounter the risk of data leakage.

To generate a set of Customer ID and Customer Secret, do the following:

1. In Agora Console, click the account name in the top right corner, and click RESTful API from the drop-down list to enter the RESTful API page.

   

2. Click Add a secret, and click OK. A set of Customer ID and Customer Secret is generated.

3. Click Download in the Customer Secret column. Read the pop-up window carefully, and save the downloaded key_and_secret.txt file in a secure location.

4. Use the Customer ID (key) and Customer Secret (secret) to generate a Base64-encoded credential, and pass the Base64-encoded credential to the Authorization parameter in the HTTP request header.

You can download the Customer Secret from Agora Console only once. Be sure to keep it secure.

The following sample codes implement basic HTTP authentication and send a request with the Server RESTful API to get the basic information of all current Agora projects.

_40

import java.io.IOException;

_40

import java.net.URI;

_40

import java.net.http.HttpClient;

_40

import java.net.http.HttpRequest;

_40

import java.net.http.HttpResponse;

_40

import java.util.Base64;

_40

_40

_40

// HTTP basic authentication example in Java using the RTC Server RESTful API

_40

public class Base64Encoding {

_40

_40

public static void main(String[] args) throws IOException, InterruptedException {

_40

_40

// Customer ID

_40

final String customerKey = "Your customer ID";

_40

// Customer secret

_40

final String customerSecret = "Your customer secret";

_40

_40

// Concatenate customer key and customer secret and use base64 to encode the concatenated string

_40

String plainCredentials = customerKey + ":" + customerSecret;

_40

String base64Credentials = new String(Base64.getEncoder().encode(plainCredentials.getBytes()));

_40

// Create authorization header

_40

String authorizationHeader = "Basic " + base64Credentials;

_40

_40

HttpClient client = HttpClient.newHttpClient();

_40

_40

// Create HTTP request object

_40

HttpRequest request = HttpRequest.newBuilder()

_40

.uri(URI.create("https://api.agora.io/dev/v1/projects"))

_40

.GET()

_40

.header("Authorization", authorizationHeader)

_40

.header("Content-Type", "application/json")

_40

.build();

_40

// Send HTTP request

_40

HttpResponse<String> response = client.send(request,

_40

HttpResponse.BodyHandlers.ofString());

_40

_40

System.out.println(response.body());

_40

}

_40

}

_54

package main

_54

_54

import (

_54

"fmt"

_54

"strings"

_54

"net/http"

_54

"io/ioutil"

_54

"encoding/base64"

_54

)

_54

_54

// HTTP basic authentication example in Golang using the RTC Server RESTful API

_54

func main() {

_54

_54

// Customer ID

_54

customerKey := "Your customer ID"

_54

// Customer secret

_54

customerSecret := "Your customer secret"

_54

_54

// Concatenate customer key and customer secret and use base64 to encode the concatenated string

_54

plainCredentials := customerKey + ":" + customerSecret

_54

base64Credentials := base64.StdEncoding.EncodeToString([]byte(plainCredentials))

_54

_54

url := "https://api.agora.io/dev/v1/projects"

_54

method := "GET"

_54

_54

payload := strings.NewReader(``)

_54

_54

client := &http.Client {

_54

}

_54

req, err := http.NewRequest(method, url, payload)

_54

_54

if err != nil {

_54

fmt.Println(err)

_54

return

_54

}

_54

// Add Authorization header

_54

req.Header.Add("Authorization", "Basic " + base64Credentials)

_54

req.Header.Add("Content-Type", "application/json")

_54

_54

// Send HTTP request

_54

res, err := client.Do(req)

_54

if err != nil {

_54

fmt.Println(err)

_54

return

_54

}

_54

defer res.Body.Close()

_54

_54

body, err := ioutil.ReadAll(res.Body)

_54

if err != nil {

_54

fmt.Println(err)

_54

return

_54

}

_54

fmt.Println(string(body))

_54

}

_41

<?php

_41

// HTTP basic authentication example in PHP using the RTC Server RESTful API

_41

// Customer ID

_41

$customerKey = "Your customer ID";

_41

// Customer secret

_41

$customerSecret = "Your customer secret";

_41

// Concatenate customer key and customer secret

_41

$credentials = $customerKey . ":" . $customerSecret;

_41

_41

// Encode with base64

_41

$base64Credentials = base64_encode($credentials);

_41

// Create authorization header

_41

$arr_header = "Authorization: Basic " . $base64Credentials;

_41

_41

$curl = curl_init();

_41

// Send HTTP request

_41

curl_setopt_array($curl, array(

_41

CURLOPT_URL => 'https://api.agora.io/dev/v1/projects',

_41

CURLOPT_RETURNTRANSFER => true,

_41

CURLOPT_ENCODING => '',

_41

CURLOPT_MAXREDIRS => 10,

_41

CURLOPT_TIMEOUT => 0,

_41

CURLOPT_FOLLOWLOCATION => true,

_41

CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,

_41

CURLOPT_CUSTOMREQUEST => 'GET',

_41

_41

CURLOPT_HTTPHEADER => array(

_41

$arr_header,

_41

'Content-Type: application/json'

_41

),

_41

));

_41

_41

$response = curl_exec($curl);

_41

_41

if($response === false) {

_41

echo "Error in cURL : " . curl_error($curl);

_41

}

_41

_41

curl_close($curl);

_41

_41

echo $response;

_47

using System;

_47

using System.IO;

_47

using System.Net;

_47

using System.Text;

_47

_47

// HTTP basic authentication example in C# using the RTC Server RESTful API

_47

namespace Examples.System.Net

_47

{

_47

public class WebRequestPostExample

_47

{

_47

public static void Main()

_47

{

_47

// Customer ID

_47

string customerKey = "Your customer ID";

_47

// Customer secret

_47

string customerSecret = "Your customer secret";

_47

// Concatenate customer key and customer secret and use base64 to encode the concatenated string

_47

string plainCredential = customerKey + ":" + customerSecret;

_47

_47

// Encode with base64

_47

var plainTextBytes = Encoding.UTF8.GetBytes(plainCredential);

_47

string encodedCredential = Convert.ToBase64String(plainTextBytes);

_47

// Create authorization header

_47

string authorizationHeader = "Authorization: Basic " + encodedCredential;

_47

_47

// Create request object

_47

WebRequest request = WebRequest.Create("https://api.agora.io/dev/v1/projects");

_47

request.Method = "GET";

_47

_47

// Add authorization header

_47

request.Headers.Add(authorizationHeader);

_47

request.ContentType = "application/json";

_47

_47

WebResponse response = request.GetResponse();

_47

Console.WriteLine(((HttpWebResponse)response).StatusDescription);

_47

_47

using (Stream dataStream = response.GetResponseStream())

_47

{

_47

StreamReader reader = new StreamReader(dataStream);

_47

string responseFromServer = reader.ReadToEnd();

_47

Console.WriteLine(responseFromServer);

_47

}

_47

_47

response.Close();

_47

}

_47

}

_47

}

_39

// HTTP basic authentication example in node.js using the RTC Server RESTful API

_39

const https = require('https')

_39

// Customer ID

_39

const customerKey = "Your customer ID"

_39

// Customer secret

_39

const customerSecret = "Your customer secret"

_39

// Concatenate customer key and customer secret and use base64 to encode the concatenated string

_39

const plainCredential = customerKey + ":" + customerSecret

_39

// Encode with base64

_39

encodedCredential = Buffer.from(plainCredential).toString('base64')

_39

authorizationField = "Basic " + encodedCredential

_39

_39

_39

// Set request parameters

_39

const options = {

_39

hostname: 'api.agora.io',

_39

port: 443,

_39

path: '/dev/v1/projects',

_39

method: 'GET',

_39

headers: {

_39

'Authorization':authorizationField,

_39

'Content-Type': 'application/json'

_39

}

_39

}

_39

_39

// Create request object and send request

_39

const req = https.request(options, res => {

_39

console.log(`Status code: ${res.statusCode}`)

_39

_39

res.on('data', d => {

_39

process.stdout.write(d)

_39

})

_39

})

_39

_39

req.on('error', error => {

_39

console.error(error)

_39

})

_39

_39

req.end()

_35

# -- coding utf-8 --

_35

# Python 3

_35

# HTTP basic authentication example in python using the RTC Server RESTful API

_35

import base64

_35

import http.client

_35

_35

_35

# Customer ID

_35

customer_key = "Your customer ID"

_35

# Customer secret

_35

customer_secret = "Your customer secret"

_35

_35

# Concatenate customer key and customer secret and use base64 to encode the concatenated string

_35

credentials = customer_key + ":" + customer_secret

_35

# Encode with base64

_35

base64_credentials = base64.b64encode(credentials.encode("utf8"))

_35

credential = base64_credentials.decode("utf8")

_35

_35

# Create connection object with basic URL

_35

conn = http.client.HTTPSConnection("api.agora.io")

_35

_35

payload = ""

_35

_35

# Create Header object

_35

headers = {}

_35

# Add Authorization field

_35

headers['Authorization'] = 'basic ' + credential

_35

_35

headers['Content-Type'] = 'application/json'

_35

_35

# Send request

_35

conn.request("GET", "/dev/v1/projects", payload, headers)

_35

res = conn.getresponse()

_35

data = res.read()

_35

print(data.decode("utf-8"))