JWT retrieve alias
Securely retrieve alias details using a JWT-based authentication mechanism. This process involves three key steps:
Creating a private alias with a
jwt_secret
.Signing a JWT token with user-specific claims.
Using the token to access protected alias details.
Step 1: Create a Private Alias
Create a private alias and assign it a jwt_secret
. This secret will later be used to sign JWT tokens that authorize access to the alias.
Endpoint:
POST /organization/api/v1/alias/create
URL:
https://link.api.datagram.network/organization/api/v1/alias/create
Request Body
type
string
✅ Yes
Type of alias
"conference"
or "live"
name
string
❌ No
Custom alias name
"Team Sync Alias"
jwt_secret
string
✅ Yes
Secret used for signing JWT tokens
"myJWTsecret123"
"myJWTsecret123"
expired_at
integer
✅ Yes
Expiry time as Unix timestamp (in seconds)
1737456308
Example Request
{
"type": "conference",
"name": "Private Alias Name",
"jwt_secret": "your-secure-secret",
"expired_at": 1737456308
}
Responses
✅ 200 OK
Alias successfully created.
id
string
Alias ID
"alias_2XH5gT8vKp"
type
string
Alias type (conference or live)
"conference"
name
string
Name of the alias
"Q3 Product Launch"
passcode
string
Passcode if set (nullable)
null
or "Pr0d!2024"
jwt_secret
string
The JWT signing secret
"sec_abc123...xyz456"
stream_key
string
Streaming key (nullable)
null
or "live_2XH5gT8vKp"
expired_at
integer
Expiry time of the alias
1735689600000
(Dec 31, 2024)
Example Response
{
"data": {
"id": "priva",
"type": "conference",
"name": "Private Alias Name",
"passcode": null,
"jwt_secret": "your-secure-secret",
"stream_key": null,
"expired_at": 1737456308
}
}
❌ 401 Unauthorized
message
string
Error message for invalid access
"UNAUTHORIZED"
Example
{
"error": {
"message": "UNAUTHORIZED"
}
}
❌ 404 Not Found
message
string
Error when alias is not found
"Alias not found"
Example
{
"error": {
"message": "Alias not found"
}
}
Step 2: Generate and Sign a JWT Token
Generate a JWT token using the alias's jwt_secret
and user-specific claims.
Example JWT Claims
{
"alias": "priva",
"user_id": "user456xxyz",
"host": true,
"expires_in": 3600
}
alias
string
The ID of the alias being accessed
"alias123abc"
user_id
string
Unique ID for the user
"user789xyz"
host
boolean
Indicates whether the user has host privileges
true
or false
expires_in
integer
Token expiration time (in seconds from issuance)
3600
Token Signing (Elixir Example)
alias_id = "priva"
jwt_secret = "your-secure-secret"
claims = %{
"alias" => alias_id,
"user_id" => "user456xxyz",
"host" => true,
"expires_in" => 3600
}
{:ok, token, _} = JWT.generate_and_sign(claims, signer(jwt_secret))
Step 3: Authenticate and Retrieve Alias
Use the generated token to retrieve alias details securely.
Endpoint:
GET /api/v1/alias/:id
URL:
https://link.api.datagram.network/api/v1/alias/priva
Headers
authorization
string
✅ Yes
Bearer token with signed JWT
BearereyJhbGciOiJlUzl1NilslnR5cCl6...
Example Request
GET /api/v1/alias/priva HTTP/1.1
Host: link.api.datagram.network
Authorization: Bearer <jwt_token>
Example Response
{
"data": {
"id": "priva",
"type": "conference",
"name": "Private Alias Name",
"passcode": null,
"jwt_secret": null,
"stream_key": null,
"expired_at": 1737456308,
"inserted_at": 1737356308
}
}
JWT Verification and Validation
The API performs the following steps to verify the JWT token:
Extract the JWT from the Authorization header.
Decode using the alias's jwt_secret.
Validate claims:
alias in the token matches the alias ID in the path.
expires_in is still valid (token not expired).
Responses
200
Successfully authenticated and alias retrieved
{"alias" : "alias123abc", "status" : "active"}
401
Unauthorized – Invalid or expired token
{"error": "unauthorized"}
404
Alias not found
{"error": "Alias not found"}
401 Unauthorized Example
{
"error": {
"message": "UNAUTHORIZED"
}
}
404 Not Found Example
{
"error": {
"message": "Alias not found"
}
}
Last updated