I'm finding two different methods to generate the sinch auth token in an app server. One for the Android client and a different one for the JS client. Is it possible to use the same token for both the android and JS clients?
For android I see https://www.sinch.com/docs/voice/android/#authenticationsupportedbyapplicationserver which is described as using a nonce and a signature derived from
string stringToSign = userId + applicationKey + sequence + applicationSecret;
Here the response from the backend needs to have the token and the nonce and then in the android client
registrationCallback.register(signature, nonce);
For javascript it is completely different https://github.com/sinch/sinch-js-ticketgen/blob/master/index.js.
The token is generated from a json object like this
{
'applicationKey': appKey,
'identity': {'type': 'username', 'endpoint': user['username']},
'created': timestamp || (new Date()).toISOString(),
'expiresIn': 86400, //24 hour default expire
}
where the result is a json with a userToken field with userTicketBase64 + ':' + signature.
And then in the JS client
sinchClient.start(backendResponse)
This is confusing, do both clients really need completely different authentication tokens? if not, how can I generate one that works for both and how can I initialize the two different clients?
It's not possible to generate tokens in one single way that work for both platforms