Create Token

Mint a short-lived LiveKit access token for a participant. Call this from your server with a secret key, then hand the returned token and url to your client to join the room.

POSThttps://api.relay.welbuiltai.tech/v1/tokens

Authentication

Send your secret key as a Bearer token. Secret keys must only be used server-side.

HTTP header

Authorization: Bearer sk_live_...

Request body

The request body is JSON with the following fields:

Field	Type	Description
`room` required	string	Room the participant should join. Allowed characters are letters, digits, and `. _ - :`. The room is automatically namespaced to your project, so the returned name is `p_<projectId>__<room>`.
`identity` required	string	Unique identity for the participant. Allowed characters are letters, digits, and `. _ - : @`.
`name` optional	string	Optional display name shown to other participants.
`ttl` optional	number	Token lifetime in seconds. Defaults to `3600` (1 hour) and is capped at `21600` (6 hours).
`metadata` optional	string	Optional opaque string attached to the participant and visible to other clients.
`grants` optional	object	Permission flags: `canPublish`, `canSubscribe`, and `canPublishData` (booleans). All default to `true`.

Example request

curl

curl https://api.relay.welbuiltai.tech/v1/tokens \
  -H "Authorization: Bearer sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "room": "my-room",
    "identity": "user-123",
    "name": "Ada Lovelace",
    "ttl": 3600,
    "grants": { "canPublish": true, "canSubscribe": true }
  }'

server.js (Node)

const res = await fetch("https://api.relay.welbuiltai.tech/v1/tokens", {
  method: "POST",
  headers: {
    "Authorization": "Bearer sk_live_...",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    room: "my-room",
    identity: "user-123",
    name: "Ada Lovelace",
    ttl: 3600,
    grants: { canPublish: true, canSubscribe: true, canPublishData: true },
  }),
});

const { token, url, room } = await res.json();

Response

A 200 OK response returns the access token, the LiveKit server URL to connect to, and the fully-namespaced room name:

200 OK

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "url": "wss://livekit.welbuiltai.in",
  "room": "p_<projectId>__my-room"
}

Errors

401 unauthorized — the API key is missing, invalid, or revoked (revoked keys return code key_revoked).
422 validation_error — the request body failed validation (for example an invalid room or missing identity).

401 Unauthorized

{
  "error": {
    "type": "unauthorized",
    "code": "unauthorized",
    "message": "Missing or invalid API key"
  }
}

422 Unprocessable Entity

{
  "error": {
    "type": "validation_error",
    "code": "validation_error",
    "message": "room may only contain letters, digits, and . _ - :"
  }
}