CreateChatToken - Amazon IVS

CreateChatToken

Creates an encrypted token that is used by a chat participant to establish an individual WebSocket chat connection to a room. When the token is used to connect to chat, the connection is valid for the session duration specified in the request. The token becomes invalid at the token-expiration timestamp included in the response.

Use the capabilities field to permit an end user to send messages or moderate a room.

The attributes field securely attaches structured data to the chat session; the data is included within each message sent by the end user and received by other participants in the room. Common use cases for attributes include passing end-user profile data like an icon, display name, colors, badges, and other display features.

Encryption keys are owned by Amazon IVS Chat and never used directly by your application.

Request Syntax

POST /CreateChatToken HTTP/1.1 Content-type: application/json { "attributes": { "string" : "string" }, "capabilities": [ "string" ], "roomIdentifier": "string", "sessionDurationInMinutes": number, "userId": "string" }

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

attributes

Application-provided attributes to encode into the token and attach to a chat session. Map keys and values can contain UTF-8 encoded text. The maximum length of this field is 1 KB total.

Type: String to string map

Required: No

capabilities

Set of capabilities that the user is allowed to perform in the room. Default: None (the capability to view messages is implicitly included in all requests).

Type: Array of strings

Valid Values: SEND_MESSAGE | DISCONNECT_USER | DELETE_MESSAGE

Required: No

roomIdentifier

Identifier of the room that the client is trying to access. Currently this must be an ARN.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: arn:aws:ivschat:[a-z0-9-]+:[0-9]+:room/[a-zA-Z0-9-]+

Required: Yes

sessionDurationInMinutes

Session duration (in minutes), after which the session expires. Default: 60 (1 hour).

Type: Integer

Valid Range: Minimum value of 1. Maximum value of 180.

Required: No

userId

Application-provided ID that uniquely identifies the user associated with this token. This can be any UTF-8 encoded text.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Required: Yes

Response Syntax

HTTP/1.1 200 Content-type: application/json { "sessionExpirationTime": "string", "token": "string", "tokenExpirationTime": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

sessionExpirationTime

Time after which an end user's session is no longer valid. This is an ISO 8601 timestamp; note that this is returned as a string.

Type: Timestamp

token

The issued client token, encrypted.

Type: String

tokenExpirationTime

Time after which the token is no longer valid and cannot be used to connect to a room. This is an ISO 8601 timestamp; note that this is returned as a string.

Type: Timestamp

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

HTTP Status Code: 403

PendingVerification

HTTP Status Code: 403

ResourceNotFoundException

HTTP Status Code: 404

ValidationException

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: