Application server

Your application server must communicate with your OpenVidu deployment to create Sessions and Connections before your clients can connect to a video call. This is the way that OpenVidu guarantees the security of your Sessions. Visit section Developing your video app to learn about these basic concepts.

There are Java and Node SDKs available to integrate OpenVidu into your application server, but of course you can consume OpenVidu REST API directly from any backend framework.

You will need your OpenVidu deployment URL and your OpenVidu secret to reach your OpenVidu deployment from your application server. In all of the examples below, these are represented by variables OPENVIDU_URL and OPENVIDU_SECRET.

1. Initialize a Session 🔗

You must first initialize a Session in OpenVidu. Participants connected to the same Session are able to send and receive Streams between them (see Basic Concepts).

OpenVidu openvidu = new OpenVidu(OPENVIDU_URL, OPENVIDU_SECRET);
SessionProperties properties = new SessionProperties.Builder().build();
Session session = openVidu.createSession(properties);

See JavaDoc

2. Create a Connection 🔗

You must create Connections for a specific Session to allow participants to connect to it. Each participant will take one Connection, using its Token to connect (see Basic Concepts).

ConnectionProperties connectionProperties = new ConnectionProperties.Builder()
Connection connection = session.createConnection(connectionProperties);
String token = connection.getToken(); // Send this string to the client side

See JavaDoc

Server application samples 🔗





Coming soon...

These are all basic server applications that provide a good starting point for your backend integration of OpenVidu.

  • All of them provide the same 2 endpoints to perform the 2 basic operations: initializing Sessions and creating Connections.
  • All of them are interchangeable: an application that consumes these 2 endpoints will work with any of the sample server applications.
  • All of them are configured to allow CORS from any origin. In production environments your application server may be configured to allow only calls from specific client origins.
  • None of them offer any kind of user control. In production environments generally your application server should know who is trying to initialize Sessions and create Connections. User control is a topic outside the scope of OpenVidu, and will depend on the chosen technology.

REST endpoints 🔗

The two endpoints offered by all server application samples are documented below. Note that by default all applications listen on https://localhost:5000 when serving them using the official instructions:

1. Initialize a Session
URL https://localhost:5000/api/sessions
REQUEST BODY Same request body as the REST API operation POST /openvidu/api/sessions
200 OK RETURN VALUE A string with the Session identifier.
For example: "ses_JM9v0nfD1l"
2. Create a Connection
URL https://localhost:5000/api/sessions/SESSION_ID/connections
REQUEST BODY Same request body as the REST API operation POST /openvidu/api/sessions/<SESSION_ID>/connection
200 OK RETURN VALUE A string with the Connection's token.
For example: "wss://localhost:4443?sessionId=ses_JM9v0nfD1l&token=tok_MIYGGzuDQb8Xf1Qd"

User Authentication 🔗

The application servers are stateless. They do not store any information about users or sessions. It is your responsibility to implement user authentication and authorization in your application server. This is a very important topic that is outside the scope of OpenVidu. You can find some useful information in the User Authentication section.