API Authorization

Personal Access Tokens should be used only by individuals to access data belonging to their account. Personal Access Tokens are not intended to be used by businesses and integrators. However, you can still use them to test our API. But once you decide to go with us, please ask for oAuth credentials (read below).  

The correct authorization approach for integrators is using OAuth. OAuth credentials are provided on demand. Please contact our support to obtain them. In case Slack channel support is part of our cooperation, don’t hesitate to ask there. 

Why do we encourage using OAuth?

Increased security

  • Unlike oAuth Access Tokens, Personal Access Tokens don’t expire. If your database is breached, the hijacker gains access forever.
  • When oAuth is used and your data are breached, revoking all user accesses is an easy step for Angelcam. In case Personal Access Tokens are used, there’s no easy way to recognize which Personal Access Tokens should be revoked. 

Better user experience
Asking users for permissions using prompting dialog is much easier and faster than asking them to copy-paste Personal Access Token.

User Management

In case your business model is based on providing certain functionality for multiple users and users are not interacting with Angelcam directly, please use the same approach when taking advantage of our API: Setup a unique user account via Angelcam API for each of your user accounts:

  • Let us know that this is your use case. Based on that we will set up your API access properly.
  • Later when creating a user via API, setup his password and store it in your backend. Then you can exchange the password for an access token using password grant type

Basic naming and services

Using our API following fundamental services can be controlled and consumed.

Camera management: We support connecting cameras that are available on public IP addresses (so-called “direct” connection type) or via Angelcam connector (so-called “arrow connection type”).

Sensor management: The sensor is a virtual entity in our API that can be used to send events to Angelcam cloud. Sending an event can trigger Event recording, mark event on camera timeline or trigger alarm.  

Live video stream: We support consuming live video streams from cameras in HLS, fMP4 or MJPEG format. Available stream types depend on type of the camera.

Continuous recording: Continuous recording is limited by retention. Retention means how many days of recording is stored on the Angelcam cloud before it’s deleted (e.g. Angelcam stores the recording for the last 3 days).

Event recording: Event recording is limited by retention and by the allowed total amount of recorded minutes (e.g. we store at maximum 60 minutes of recordings for the last 3 days). Event Recording can be triggered by sending an event from a sensor

Clip management: A clip is a permanent video created from the record that is created explicitly on user request. The purpose of the clip is to store safely something valuable from both Continuous or Event recording. 

Did this answer your question?