|
| 1 | +# Token sources |
| 2 | + |
| 3 | +These examples show the different ways to obtain the credentials |
| 4 | +(**WebSocket URL** + **participant JWT**) the SDK needs to join a room. Each |
| 5 | +example builds its own executable, constructs a single kind of |
| 6 | +[`TokenSource`](https://github.com/livekit/client-sdk-cpp/blob/main/include/livekit/token_source.h), |
| 7 | +connects to a room, logs participant join/leave for a few seconds, then |
| 8 | +disconnects. |
| 9 | + |
| 10 | +> Token sources are for the **initial connection only**. Once connected, the |
| 11 | +> LiveKit server refreshes the session token internally — your token source is |
| 12 | +> not called again unless you connect again. See the SDK's |
| 13 | +> [authentication docs](https://github.com/livekit/client-sdk-cpp/blob/main/docs/authentication.md). |
| 14 | +
|
| 15 | +## The types |
| 16 | + |
| 17 | +| Example | Type | When to use | |
| 18 | +|---|---|---| |
| 19 | +| `literal.cpp` | `LiteralTokenSource` | You already have a URL + JWT (minted out of band, e.g. `lk token create`). The SDK consumes them as-is. | |
| 20 | +| `endpoint.cpp` | `EndpointTokenSource` | Recommended for production. The SDK POSTs request options to your backend token endpoint, which returns the URL + a fresh JWT. API keys stay server-side. | |
| 21 | +| `sandbox.cpp` | `SandboxTokenSource` | Local development only. Uses LiveKit Cloud's sandbox token server. Not for production. | |
| 22 | +| `custom.cpp` | `CustomTokenSource` | You have an internal auth/token system. Plug in your own async callback that returns credentials. | |
| 23 | +| `caching.cpp` | `CachingTokenSource` | A decorator that adds JWT-aware caching around any configurable source (endpoint/sandbox/custom) to cut down on fetch calls. | |
| 24 | + |
| 25 | +`LiteralTokenSource` is *fixed* (no per-call options); the others are |
| 26 | +*configurable* and accept |
| 27 | +[`TokenRequestOptions`](https://github.com/livekit/client-sdk-cpp/blob/main/include/livekit/token_source.h) |
| 28 | +(room name, participant identity, agent dispatch, ...). |
| 29 | + |
| 30 | +## Configuration |
| 31 | + |
| 32 | +All inputs come from environment variables, so no secrets or sandbox IDs are |
| 33 | +committed to source. |
| 34 | + |
| 35 | +| Variable | Used by | Notes | |
| 36 | +|---|---|---| |
| 37 | +| `LIVEKIT_URL` | literal, custom | WebSocket URL, e.g. `ws://localhost:7880`. | |
| 38 | +| `LIVEKIT_TOKEN` | literal, custom | Participant JWT. | |
| 39 | +| `LIVEKIT_TOKEN_ENDPOINT` | endpoint, caching | Token endpoint URL. Default `http://127.0.0.1:3000/createToken`. | |
| 40 | +| `LIVEKIT_TOKEN_ENDPOINT_METHOD` | endpoint, caching | Optional HTTP method (default `POST`). | |
| 41 | +| `LIVEKIT_TOKEN_ENDPOINT_HEADERS` | endpoint, caching | Optional newline-separated `Name: Value` headers. | |
| 42 | +| `LIVEKIT_SANDBOX_ID` | sandbox | Required. Sandbox ID from LiveKit Cloud. | |
| 43 | +| `LIVEKIT_AGENT_NAME` | sandbox | Optional agent to dispatch into the room. | |
| 44 | +| `LIVEKIT_AGENT_METADATA` | sandbox | Optional metadata for the dispatched agent. | |
| 45 | + |
| 46 | +## Building |
| 47 | + |
| 48 | +The token source API is newer than the latest published SDK release, so build |
| 49 | +these examples against a **local SDK build** of the |
| 50 | +[`feature/token_source_api`](https://github.com/livekit/client-sdk-cpp/tree/feature/token_source_api) |
| 51 | +branch rather than a downloaded release. |
| 52 | + |
| 53 | +```bash |
| 54 | +# 1. Build and install the SDK from the feature branch. |
| 55 | +git clone https://github.com/livekit/client-sdk-cpp.git |
| 56 | +cd client-sdk-cpp |
| 57 | +git checkout feature/token_source_api |
| 58 | +git submodule update --init --recursive |
| 59 | +./build.sh release --bundle --prefix "$HOME/livekit-sdk-install" |
| 60 | + |
| 61 | +# 2. Configure the examples against that local install. |
| 62 | +cd /path/to/cpp-example-collection |
| 63 | +cmake -S . -B build -DLIVEKIT_LOCAL_SDK_DIR="$HOME/livekit-sdk-install" |
| 64 | +cmake --build build |
| 65 | +``` |
| 66 | + |
| 67 | +Once the token source API ships in a release, you can drop |
| 68 | +`-DLIVEKIT_LOCAL_SDK_DIR` and use the normal download flow (optionally pinning |
| 69 | +`-DLIVEKIT_SDK_VERSION`). |
| 70 | + |
| 71 | +## Running |
| 72 | + |
| 73 | +The built binaries live under `build/token_source/`: |
| 74 | + |
| 75 | +```bash |
| 76 | +# Literal: bring your own URL + token |
| 77 | +export LIVEKIT_URL=ws://localhost:7880 |
| 78 | +export LIVEKIT_TOKEN=<participant-jwt> |
| 79 | +./build/token_source/token_source_literal |
| 80 | + |
| 81 | +# Endpoint / caching: point at your token endpoint |
| 82 | +export LIVEKIT_TOKEN_ENDPOINT=http://127.0.0.1:3000/createToken |
| 83 | +./build/token_source/token_source_endpoint |
| 84 | +./build/token_source/token_source_caching |
| 85 | + |
| 86 | +# Sandbox: development-only, ID from the environment |
| 87 | +export LIVEKIT_SANDBOX_ID=<your-sandbox-id> |
| 88 | +./build/token_source/token_source_sandbox |
| 89 | + |
| 90 | +# Custom: callback returns credentials (this example reads the env) |
| 91 | +export LIVEKIT_URL=ws://localhost:7880 |
| 92 | +export LIVEKIT_TOKEN=<participant-jwt> |
| 93 | +./build/token_source/token_source_custom |
| 94 | +``` |
| 95 | + |
| 96 | +Generate a development token with the |
| 97 | +[LiveKit CLI](https://docs.livekit.io/home/cli/cli-setup/) (a dev server started |
| 98 | +with `livekit-server --dev` uses `devkey` / `secret`): |
| 99 | + |
| 100 | +```bash |
| 101 | +export LIVEKIT_TOKEN=$(lk token create \ |
| 102 | + --api-key devkey --api-secret secret \ |
| 103 | + -i my-participant --join --room my-room \ |
| 104 | + --valid-for 24h --token-only) |
| 105 | +``` |
0 commit comments