Authentication

Authenticating with Reactive's services comes in two forms:

  1. Authenticated service account requests from your app via service account token authentication.
  2. Authenticated public requests from the users using your app via JWT authentication.

Service account token authentication is required for sensitive actions concerning your app's operations with Reactive. Whereas JWT authentication is required for non-sensitive operations that any user of your app might take.

Service account token authentication

A Reactive user can view their service account API token in the admin here.

Navigate to the API Tokens admin view:

Copy the token for use in your app:

Alternatively, users can retrieve their API token programmatically.

To use the service account token when making requests to the Reactive API, include the token in the Authorization header prefixed with the string literal Token. For example:

curl -X GET https://fot.reactive.live/api/v1/users/me -H 'Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b'

Unauthenticated responses that are denied permission will result in an HTTP 401 Unauthorized response.

Public request JWT authentication

Your app's users can interact with Reactive's services using JWT authentication. First users need to get a JWT token for them to authenticate.

Creating a JWT Token for your user

This action creates a JWT token for your user to interact with Reactive's services. This token expires in 10 minutes. When your token has expired create a new token to keep using Reactive's services.

Request:

POST https://authentication-tokens.reactive.live/api/v1/tokens

Body:

Name Type Required Description
stream_id string Yes Id of the stream the user is viewing.
unique_user_identifier string Yes A unique identifier for this user.

For authenticated users, we recommend setting the unique_user_identifier as the user's id. For unauthenticated users, we recommend generating a fingerprint using a library like client.js.

Example command:

curl -X POST  \
  -H "Content-Type: application/json" \
  -d '{"stream_id": "6935357a-8d71-45f2-9a0f-ddaed705b43a", "unique_user_identifier": "AB35457a-8d71-45f2-BE2F-ddaed705b43a"}' \
  https://authentication-tokens.reactive.live/api/v1/tokens

Response:

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
   "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}

Authenticating with public JWT authentication

To use public JWT authentication when making requests to the Reactive API, include the JWT token in the Authorization header prefixed with the string literal Bearer. For example:

curl -X GET https://fot.reactive.live/api/v1/example/ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c'

Unauthenticated responses that are denied permission will result in an HTTP 401 Unauthorized response.