How to upgrade to token-based authentication?

To meet the requirements for higher security, Agora is phasing out authenticating with an App ID. For projects that currently use App ID to authenticate users, Agora recommends the following steps to upgrade all your projects to token-based authentication

1. Enable the App Certificate

If you choose the APP ID authentication mechanism when creating a project, you need to enable the primary certificate manually.

On the Edit Project page, find Primary certificate and click Enable. Once the primary certificate is enabled, you can click to view and copy the primary certificate, and use either an App ID or the token generated by the primary certificate for authentication.

Once the App Certificate is enabled, the project supports authenticating users with either an App ID or a token. This enables the app to ungrade to token-based authentication without any impact on current users.

2. Generate tokens on your app server

Refer to Generate a Token to deploy a token generator on your app server.

3. Modify the app client logic

Now modify the authentication logic on your app client. Ensure that you fill the token parameter in joinChannel or login with the token generated from your app server.

4. Grey release

Your app client is now ready for a grey release. In this state, app users can join a channel either with or without a token.

5. Delete No Certificate

When all app clients have upgraded to token-based authentication, delete No Certificate in Agora Console. This prevents users from joining a channel with only an App ID.