Security within video chat applications is necessary now that remote working and virtual events are part of the workplace. In the Agora platform, one good way to add a layer of security on your stream is to add a token service. A token is a dynamic key that is generated using a set of given inputs. The Agora platform uses tokens to authenticate users.
In this tutorial, you learn how to fetch an Agora token from a web service running an Agora token server in your Android application with Java.
Create an Android Studio project by following the steps in the Quickstart Guide, or go straight to the example project on GitHub for a base to get started (Android/APIExample).
To fetch a token, you need to have a token server running either locally or elsewhere. See this article on how a token server can be created. To quickly launch a token server, this GitHub repository has all the necessary code laid out:
Once a token server is set up, you can fetch a token into your application. Follow the steps below to do this with Android (using Java).
Determine the full URL to reach your token service. If you need to access localhost from the Android Emulator, you must use the URL “http://10.0.2.2". The default port used by the token server project on GitHub is 8080.
For information on why we use 10.0.2.2 and how Android Emulator networking works, see the following link:
Here is an example of how to request a token on an Android device, using the URL structure found in the sample token server. An example request is fired at the end after the method definition, with my-channel as the channel name and 0 as the userId.
The network request in this example uses OkHttp as the networking client for efficiency and concentrating the code to focus on the parts relevant to fetching the token. This method returns the token as a string, or an empty string if something fails. Due to networking restrictions on Android, this method must not be run on the main thread.
Using this token, connecting to a channel is completed with RtcEngine.joinChannel with the token included.
All tokens provided through this method expire. The length of time until they expire can be set by the token server or, if altered, can be set as a parameter sent in the request.
When a connected user’s token will expire in 30 seconds, a callback handler onTokenPrivilegeWillExpire is called. Using this callback you can update the token before it expires, avoiding an interruption in the connection during the handover. From here, you can tell the RTC engine to update the token without needing to first disconnect from the channel using RtcEngine.renewToken().
For more information about Agora applications, take a look at the Agora Video Call Quickstart Guide and Agora API Reference.
I also invite you to join the Agora Developer Slack community.