Generate a room

This is a POST request, where the start page can optionally be specified.

POST /api/v2/create HTTP/1.1
Host: api.samesurf.com
Content-Length: 35
Authorization: Bearer YOUR-BEARER-TOKEN
Content-Type: application/json
{
   "starturl":"http://www.samesurf.com"
}

Example Response:

HTTP/1.1 200 OK
Date: Thu, 23 Feb 2017 00:12:13 GMT
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
{
   "name":"123456789",
   "token":"123456789",
   "leadertoken":"123456789",
   "publicinvitation":"https://realtime.samesurf.com/demo/index/123456789/123456789",
   "success":true
}

This is an example using jQuery for ajax, and jsrsasign to create the JWT token.

var token_body = {
  iat: Math.floor(new Date().getTime() / 1000),
  sub: "YOUR API KEY",
};

var token = KJUR.jws.JWS.sign("HS256", { typ: "JWT" }, token_body, "YOUR API SECRET");
var start_room = {
  starturl: "http://www.yahoo.com"
};

$.ajax({
   url: "https://api.samesurf.com/api/v2/create",
   dataType: 'json',
   type: 'POST',
   data: JSON.stringify(start_room),
   beforeSend: function (xhr) {
      xhr.setRequestHeader("Content-Type", "application/json");
      xhr.setRequestHeader("Authorization", "Bearer " + token);
   },
   error: function () {
      // error handler
   },
   success: function (data) {
      return data;
   }
});

The last example used the HS256 signing algorithm and embeds the secret in a page. If you don't wish to do this, you could call the api from you own server, or enable the "none" algorithm for the api key. Here is an example doing just that:

var token_body = {
   iat: Math.floor(new Date().getTime() / 1000),
   sub: "YOUR API KEY",
};
var token = KJUR.jws.JWS.sign("none", { typ: "JWT" }, token_body);
var start_room ={
   starturl: "http://www.yahoo.com"
};
$.ajax({
   url: "https://api.samesurf.com/api/v2/create",
   dataType: 'json',
   type: 'POST',
   data: JSON.stringify(start_room),
   beforeSend: function (xhr) {
      xhr.setRequestHeader("Content-Type", "application/json");
      xhr.setRequestHeader("Authorization", "Bearer " + token);
   },
   error: function () {
      // error handler
   },
   success: function (data) {
      console.log("this is a link to the room", data.publicinvitation);
      return data;
   }
});

You can also specify cookies that will be passed through to the created room.

POST /api/v2/create HTTP/1.1
Host: api.samesurf.com
Content-Length: 35
Authorization: Bearer YOUR-BEARER-TOKEN
Content-Type: application/json
{
   "starturl":"http://www.samesurf.com",
   "cookies": [
      {
         "domain": "twitter.com",
         "path": "/",
         "name": "auth_token",
         "value": "your_auth_token",
         "secure": true,
         "httponly": true
      }
   ]
}