This guide explains how to generate the Alibaba Real-time Communication (ARTC) authentication token for initiating calls.
Overview
The AICallKit SDK enables the client application to directly initiate calls with an AI agent. To do this, each call must be authenticated with an ARTC token. Therefore, your App Server must implement an API endpoint that can generate and provide these tokens. The client fetches the token from your App Server before initiating the call.
Procedure
To generate an ARTC token, get the AppId and AppKey of your ARTC application.
Go to the AI Agents page in the IMS console. Click an agent to go to the agent details page.
Click ARTC application ID. You are redirected to the ApsaraVideo Live console, where the AppID and AppKey are provided.
Generate the ARTC authentication token using your AppID and AppKey. The token is generated using the following formula:
// 1. Concatenate the following fields: AppID+AppKey+ChannelID+UserID+Nonce+Timestamp // 2. Use the sha256 function on the concatenated string to generate the token. token = sha256(AppID+AppKey+ChannelID+UserID+Nonce+Timestamp) // Example: AppID = "abc",AppKey="abckey",ChannelID="abcChannel",UserID="abcUser",Nonce="",Timestamp=1699423634 token = sha256("abcabckeyabcChannelabcUser1699423634") = "3c9ee8d9f8734f0b7560ed8022a0590659113955819724fc9345ab8eedf84f31"Field
Description
AppID
The ARTC application ID and key that are automatically generated after you create the application in the console. For more information, refer to Obtain development parameters.
AppKey
ChannelID
The custom channel ID. It must be a string and can contain digits, letters, hyphens (-), and underscores (_), with a maximum length of 64 characters.
All participants in the same session (the host and co-hosts) must use the same
ChannelID.UserId
The custom user ID. It must be a string and can contain digits, letters, hyphens (-), and underscores (_), with a maximum length of 64 characters.
Nonce
A nonce string. We recommend leaving this field empty.
Timestamp
The expiration timestamp for the token, in seconds. We recommend setting it to 24 hours. To do so, add 86400 (24 × 60 × 60) to the current UNIX timestamp.
Server-side token generation: The following code samples show how to generate a token on your server.
Java
package com.example; import java.nio.charset.StandardCharsets; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Base64; import java.util.Calendar; import org.json.JSONObject; public class App { public static String createBase64Token(String appid, String appkey, String channelid, String userid) { // Calculate the expiration timestamp (24 hours from now) Calendar calendar = Calendar.getInstance(); calendar.add(Calendar.HOUR_OF_DAY, 24); long timestamp = calendar.getTimeInMillis() / 1000; // Concatenate the strings String stringBuilder = appid + appkey + channelid + userid + timestamp; // Calculate the SHA-256 hash String token = sha256(stringBuilder); // Create the JSON object JSONObject base64tokenJson = new JSONObject(); base64tokenJson.put("appid", appid); base64tokenJson.put("channelid", channelid); base64tokenJson.put("userid", userid); base64tokenJson.put("nonce", ""); base64tokenJson.put("timestamp", timestamp); base64tokenJson.put("token", token); // Convert the JSON object to a string and encode it in Base64 String jsonStr = base64tokenJson.toString(); String base64token = Base64.getEncoder().encodeToString(jsonStr.getBytes(StandardCharsets.UTF_8)); return base64token; } private static String sha256(String input) { try { MessageDigest digest = MessageDigest.getInstance("SHA-256"); byte[] hash = digest.digest(input.getBytes(StandardCharsets.UTF_8)); StringBuilder hexString = new StringBuilder(); for (byte b : hash) { String hex = Integer.toHexString(0xff & b); if (hex.length() == 1) hexString.append('0'); hexString.append(hex); } return hexString.toString(); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } } public static void main(String[] args) { String appid = "your_appid"; String appkey = "your_appkey"; String channel_id = "your_channel_id"; String user_id = "your_user_id"; String base64token = createBase64Token(appid, appkey, channel_id, user_id); System.out.println("Base64 Token: " + base64token); } }Python
#!/usr/bin/env python # -*- coding: UTF-8 -*- import hashlib import datetime import time import base64 import json def create_base64_token(app_id, app_key, channel_id, user_id): expire = datetime.datetime.now() + datetime.timedelta(days=1) timestamp = int(time.mktime(expire.timetuple())) h = hashlib.sha256() h.update(str(app_id).encode('utf-8')) h.update(str(app_key).encode('utf-8')) h.update(str(channel_id).encode('utf-8')) h.update(str(user_id).encode('utf-8')) h.update(str(timestamp).encode('utf-8')) token = h.hexdigest() jsonToken = {'appid': str(app_id), 'channelid': str(channel_id), 'userid':str(user_id), 'nonce':'', 'timestamp':timestamp, 'token':str(token) } base64Token = base64.b64encode(json.dumps(jsonToken).encode()) return base64Token def main(): app_id = 'your_appid' app_key = 'your_appkey' channel_id = 'your_channel_id' user_id = 'your_user_id' base64Token = create_base64_token(app_id, app_key, channel_id, user_id) print(base64Token) if __name__ == '__main__': main()Go
package main import ( "crypto/sha256" "encoding/base64" "encoding/hex" "encoding/json" "fmt" "time" ) func createBase64Token(appid, appkey, channelID, userID string) (string, error) { // Calculate the expiration timestamp (24 hours from now) timestamp := time.Now().Add(24 * time.Hour).Unix() // Concatenate the strings stringBuilder := appid + appkey + channelID + userID + fmt.Sprintf("%d", timestamp) // Calculate the SHA-256 hash hasher := sha256.New() hasher.Write([]byte(stringBuilder)) token := hasher.Sum(nil) // Convert the hash to a hexadecimal string using encoding/hex tokenHex := hex.EncodeToString(token) // Create the JSON object tokenJSON := map[string]interface{}{ "appid": appid, "channelid": channelID, "userid": userID, "nonce": "", "timestamp": timestamp, "token": tokenHex, } // Convert the JSON object to a string and encode it in Base64 jsonBytes, err := json.Marshal(tokenJSON) if err != nil { return "", err } base64Token := base64.StdEncoding.EncodeToString(jsonBytes) return base64Token, nil } func main() { appid := "your_appid" appkey := "your_appkey" channelID := "your_channel_id" userID := "your_user_id" token, err := createBase64Token(appid, appkey, channelID, userID) if err != nil { fmt.Println("Error creating token:", err) return } fmt.Println("Base64 Token:", token) }Client-side embedded token: If you cannot implement server-side token generation during development, you can generate tokens directly on the client. This method requires embedding your ARTC AppID and AppKey within your client-side application. To generate a client-side token, you must create a JSON object with the calculated token and its five source parameters (AppID, ChannelID, Nonce, UserID, and Timestamp), and then encode this object in Base64. Your application then passes the Base64-encoded string to the ARTC SDK, along with a
UserNamefield for troubleshooting.ImportantThis method requires embedding your AppKey and other sensitive information into your application. It is for testing and development only. Never use this method in a production environment. Exposing your AppKey on the client side creates a serious security risk.