Connecting using Token Server

Owned by Jon Borromeo (Deactivated)
Last updated: Oct 31, 2022 by Chitra Borker (Deactivated)
3 min read

There are two options to connect your project to your custom UI, using web API keys or using a token server. The easier and more secure option is using the web API keys method.

Soul Machines uses an SSK to grant your UI access to our session servers. By signing a JSON Web Token with the SSK, our servers will grant you access.

What is a Shared Secret Key

A Shared Secret Key (SSK) is a cryptographic key or data that is only known to the parties involved in a secured communication. The shared secret can be anything from passwords or passphrases to a random number or an array of randomly chosen data.

Why would I use a Shared Secret Key?

By accessing our servers, you will effectively be able to host our Digital Person conversational experiences on your website and optionally connect the Digital Person to a custom backend. 

The Digital DNA Studio provides you with the three pieces of information that you need:

  1. Digital Person Server domain name is also called the Token Server or Session Server.

  2. keyName; this is called the “issuer” within the JWT 

  3. privateKey

Connection Configuration on Project Management Page

The private key must be used to sign the JWT using the HMAC-SHA256 signing standard, as shown in the following architecture diagram.

Architecture Diagram

How would I use a Shared Secret Key

When deploying an experience through the Digital DNA Studio, be sure to: 

  1. Select the “I HAVE MY OWN” option under the Deployment Configuration settings. You will be provided with a privateKey and the keyName under the “Session Server” category. 

  2. Sign your JWT. Use these three values when you are signing your JSON Web Token (JWT) to authorize a connection to the Digital Person. 

NOTE: This is a token sent along with the connection request from a UI you are hosting yourself (your website) and tells our server to grant you access.

Sample Code

You can use our sample code for local development testing and as the basis of a production deployment if you wish.

Express Token Server

The express-token-server sample code generates signed JWTs. To use the values provided by DDNA Studio, copy the .env.template file to .env, then within that copied file:

  1. Assign the SESSION_SERVER variable to the Session Server name provided by Studio.

  2. Assign the JWT_PUBLIC_KEY variable to the Key Name provided by Studio.

  3. Assign the JWT_PRIVATE_KEY variable to the Private Key provided by Studio.

React and Angular Templates

UI sample code in the form of React and Angular templates can be pointed at the express-token-server to use it for JWT generation, which in turn enables the UI to connect to the video and audio streams associated with the Digital Person running on Soul Machines' servers.


Connect to a Custom Back-end

If you wish to connect to a custom backend Orchestration Server to direct your Digital Person, then the address of this server must be included in your signed JWT using the sm-control field. 

Refer to the Connecting to Digital Person Using Token Server for more information on configuring your JWT.