Client Tokens
Mint a short-lived, capped client token for direct browser use. Call this server-side with your API key; the returned token grants the requested scopes (default ‘interhumanai.stream’) and can be handed to a browser to call the upload and stream endpoints — e.g. POST /v1/upload/analyze, or open wss://…/v1/stream/analyze via the ‘access_token’ WebSocket subprotocol. The embedded caps are enforced by the API across upload and stream (the video budget spans both).
Response Headers
f47ac10b-58cc-4372-a567-0e02b2c3d479Headers
Optional identifier supplied by the client to correlate this request with their own logs. When provided, the value is recorded alongside the server-assigned correlation ID in Interhuman logs to aid lookup and support investigations. This header is not echoed back in the response; the server returns its own correlation ID in the X-Correlation-ID HTTP response header.
Body
Request schema for minting an ephemeral, capped client token.
Your full API key from the Interhuman dashboard.
Scopes to grant the token. Defaults to interhumanai.stream. The key must itself hold every requested scope. The per-token caps are enforced on streaming sessions (stream / real-time); the video budget additionally spans upload.
1Scopes define which endpoints the API key can call.
Options:
- interhumanai.upload for /v1/upload/analyze
- interhumanai.stream for /v1/stream/analyze
interhumanai.upload, interhumanai.stream Requested time-to-live in seconds. Clamped to the supported range (60–3600s). Omit to use the default. The response expires_in is authoritative.
x >= 1Maximum wall-clock duration of a stream session opened with this token.
x >= 1Maximum cumulative video bytes a session opened with this token may send.
x >= 1Maximum number of concurrent streaming sessions opened with this token. Defaults to 1 (a minted token can drive only one session at a time); raise it only if a single token must power several simultaneous sessions.
x >= 1Maximum total seconds of video the token may process across upload, stream, and real-time combined. Metered server-side; when exhausted, further processing is refused and the client must mint a new token.
x >= 1Allow-list of browser Origin values permitted to use this token. When set, a connection whose Origin is absent or not listed is rejected.
Response
Successful Response
Response schema for a minted ephemeral client token.
The generated client token.
Time in seconds until the token expires.
Space-separated list of granted scopes.
Token type. Always Bearer.
Per-token max session duration that will be enforced, if any.
Per-token max cumulative session bytes that will be enforced, if any.
Per-token max concurrent sessions that will be enforced, if any.
Per-token total video-seconds budget that will be enforced, if any.
Per-token allow-list of browser origins that will be enforced, if any.