0

I'm using the @azure/communication-common and @azure/communication-calling libraries in my JavaScript application to create a call between two users. I've made use of the following API: "POST {endpoint}/calling/serverCalls/{serverCallId}/recordings?api-version=2021-08-30-preview," as detailed in the Azure Communication Services API documentation here.

To authenticate my requests, I'm utilizing a User Access Token generated from my Azure Communication Service resource, which is passed as a Bearer Token in the "Authorization" header of my fetch request. However, I'm encountering a CORS (Cross-Origin Resource Sharing) error when I don't specify a mode for my request. When I do specify the mode as "no-cors," I receive a 401 (Unauthorized) error.

I have explored various solutions mentioned in the Azure Documentation, but the issue persists. Could someone please assist me in resolving this?

I have provided the token as a Bearer token as described in here, but still get 401.

Improve this question
1
  • Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Commented Sep 22, 2023 at 15:05

1 Answer 1

Reset to default
0

The token described in your last link is the user token used to join calls (and chats), but the calling/serverCalls/{serverCallId}/recordings API is the server API, similar to the Identity one that you used to obtain user tokens.

That server API can be called directly, but you can also use Call Automation SDK to access it, like in this Call Recording Quickstart.

EDIT: Calling the server API directly from your client app is usually a bad idea. There are 2 ways to authenticate the server API:

  1. By signing your request with HMAC. This means the client app needs to know the AccessKey, which is bad. Knowing the access key gives client app full permissions on the resource, ability to delete users, etc.

  2. By using AAD. There is no access key involved, but the client app will again have full permissions on the resource.

The right way to do this is to call the recording API from your backend. Have auth between your frontend and backend and then let the backend authenticate to the Azure Communication services via HMAC or AAD.

See here for more details on authentication: Authenticate to Azure Communication Services .

Also check out this Call Recording overview for more useful info.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thank you @mbakalov. I want to call the server API directly. Can you tell me what token to authorize it with?
@AbdullahNadeem - I made an edit to add some details. The recording server API is similar to the Identity API (which you used to obtain the calling token), and calling it directly from a client app is usually a bad idea. In addition to the Call Recording overview from my post, here is also a simple-recording-js sample that ties client and server together. Note how the server recording API is called from the backend there.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.