API Authorization
Personal Access Tokens should be used only by individuals to access data belonging to their accounts. Personal Access Tokens are not intended to be used by businesses and integrators. However, you can still use them to test our API. But once you decide to go with us, please ask for oAuth credentials (read below).
The correct authorization approach for integrators is using OAuth. OAuth credentials are provided on demand. Please contact our support to obtain them. In case Slack channel support is part of our cooperation, don’t hesitate to ask there.
Why do we encourage using OAuth?
Increased security
Unlike oAuth Access Tokens, Personal Access Tokens don’t expire. If your database is breached, the hijacker gains access forever.
When oAuth is used and your data are breached, revoking all user accesses is an easy step for Angelcam. In case Personal Access Tokens are used, there’s no easy way to recognize which Personal Access Tokens should be revoked.
Better user experience
Asking users for permissions using a prompting dialog is much easier and faster than asking them to copy-paste Personal Access Token.
User Management
In case your business model is based on providing certain functionality for multiple users and users are not interacting with Angelcam directly, please use the same approach when taking advantage of our API: Setup a unique user account via Angelcam API for each of your user accounts:
Let us know if this is your use case. Based on that we will set up your API access properly.
Later when creating a user via API, set up his password and store it in your backend. Then you can exchange the password for an access token using the password grant type
Basic naming and services
Using our API following fundamental services can be controlled and consumed.
Camera management: We support connecting cameras that are available on public IP addresses (so-called “direct” connection type) or via Angelcam connector (so-called “arrow connection type”).
Sensor management: The sensor is a virtual entity in our API that can be used to send events to the Angelcam cloud. Sending an event can trigger an Event recording, mark an event on the camera timeline, or trigger an alarm.
Live video stream: We support consuming live video streams from cameras in HLS, fMP4, or MJPEG format. Available stream types depend on the type of camera.
Continuous recording: Continuous recording is limited by retention. Retention means how many days of recording is stored on the Angelcam cloud before it’s deleted (e.g. Angelcam stores the recording for the last 3 days).
Event recording: Event recording is limited by retention and by the allowed total amount of recorded minutes (e.g. we store a maximum of 60 minutes of recordings for the last 3 days). Event Recording can be triggered by sending an event from a sensor.
Clip management: A clip is a permanent video created from the record that is created explicitly on user request. The purpose of the clip is to store safely something valuable from both Continuous or Event recording.
😇 We are here to help
Just say hello@angelcam.com or check out Angelcam Community to connect with other users sharing their own experiences and insight into various security topics.