logo
In-app Chat

Accessing Server APIs

Request structure

Service URL format

Developers need to specify the corresponding access address based on the geographical region of their server when sending requests to the ZEGOCLOUD server.

Warning

To ensure the quality of your business service access, please prioritize using the domain name of the geographical region where your server is located as the access address when sending requests to the ZEGOCLOUD server.

ZEGOCLOUD supports request access from the following geographical regions:

RegionAPI base URL
Chinese Mainland (Shanghai)${PRODUCT}-api-sha.zego.im
Hong Kong, Macau and Taiwan (Hong Kong)${PRODUCT}-api-hkg.zego.im
Europe (Frankfurt)${PRODUCT}-api-fra.zego.im
Western United States (California)${PRODUCT}-api-lax.zego.im
Asia-Pacific (Mumbai)${PRODUCT}-api-bom.zego.im
Southeast Asia (Singapore)${PRODUCT}-api-sgp.zego.im
Unified access address (regardless of region)${PRODUCT}-api.zego.im

${PRODUCT} refers to different services provided by ZEGOCLOUD. For this case, the following values are available:

Product${PRODUCT} ValueAPI base URL
In-app Chatzimzim-api.zego.im
Authentication (for ZIMAudio)authauth-api.zego.im

Communication protocol

For secure communications, all the Server APIs must be accessed via HTTPS requests.

Request method

The Server APIs support the following HTTP request methods:

  • GET
  • POST
Note

For a GET request, all request parameters (including common parameters and business-related parameters) should be placed in the Query. For a POST request, special and complex parameters can be placed in the Request Body.

Common parameters

Common request parameters

Common request parameters are the parameters that are required for every API request.

ParameterTypeRequiredDescription
AppIdUint32YesThe unique Application ID assigned to your project by ZEGO, which can be obtained from the ZEGOCLOUD Admin Console.
SignatureStringYesThe API request signature. Refer to Signing the requests for how to generate an API request signature.
SignatureNonceStringYesA random string.
SignatureVersionStringYesThe version of the signature. Default value: 2.0.
TimestampInt64Yes
GET Request
POST Request
https://zim-api.zego.im/?Action=xxx
&AppId=1234567890
&Timestamp=1234567890
&Signature=Pc5WB8gokVn0xfeu%2FZV%2BiNM1dgI%3D
&SignatureVersion=2.0
&SignatureNonce=15215528852396
&<Non-common Request Parameters>
1
Copied!
Copied!

Common response parameters

All responses to API requests are returned in a unified format, with the returned data in JSON format.

The following common response parameters will be included in the response to every request, regardless of whether the request is successful.

ParameterTypeDescription
CodeNumberReturn code.
MessageStringRequest result description.
RequestIdStringRequest ID.
Sample response
{
    "Code": 0,
    "Message": "",
    "RequestId": "8411281679140263090",
    ......
}
1
Copied!

Signing the requests

To ensure secure API calls, the ZEGOCLOUD server authenticates every API request, which means a request signature must be included in every API request.

Warning

A new signature needs to be generated for every API request.

Get the AppId and Server Secret Key

To generate a request signature, you will need to use the AppId and ServerSecret assigned to your project by ZEGOCLOUD. The AppId is used as the identifier of the request sender, and ServerSecret is the secret key to generate the signature string on the request sender side and verify the signature on the ZEGOCLOUD server. To ensure system security, please keep this information strictly confidential.

You can find the AppId and ServerSecret of your project in the ZEGOCLOUD Admin Console.

Generate a signature

Parameters required to generate a signature

ParameterDescription
AppIdApplication ID.
SignatureNonceA random string.
ServerSecretServer secret key.
TimestampUnix timestamp of the current time, in seconds. A maximum error of 10 minutes is allowed.
Note

The values of the SignatureNonce and Timestamp parameters used to generate the signature must be consistent with those of the common parameters.

Signature algorithm

Signature = md5(AppId + SignatureNonce + ServerSecret + Timestamp)

Format of the Signature string

The Signature is a hex string of 32 characters in lower case.

Signature sample code

ZEGOCLOUD provides sample code in various programming languages for generating the signature.

Go
Python
Java
PHP
Node.js
import (
   "crypto/md5"
   "crypto/rand"
   "encoding/hex"
   "fmt"
   "log"
   "time"
)
// Signature=md5(AppId + SignatureNonce + ServerSecret + Timestamp)
func GenerateSignature(appId uint32, signatureNonce string, serverSecret string, timestamp int64) (Signature string){
   data := fmt.Sprintf("%d%s%s%d", appId, signatureNonce, serverSecret, timestamp)
   h := md5.New()
   h.Write([]byte(data))
   return hex.EncodeToString(h.Sum(nil))
}
func main() {
   /* Generate a 16-character random hexadecimal string (16 bits) */
   nonceByte := make([]byte, 8)
   rand.Read(nonceByte)
   signatureNonce := hex.EncodeToString(nonceByte)
   log.Printf(signatureNonce)
   appId := 12345       // Use your appId and serverSecret
   serverSecret := "9193cc662a4c0ec135ec71fb57194b38"
   timestamp := time.Now().Unix()
   /* appId:12345
      signatureNonce:4fd24687296dd9f3
      serverSecret:9193cc662a4c0ec135ec71fb57194b38
      timestamp:1615186943      2021/03/08 15:02:23
      signature:43e5cfcca828314675f91b001390566a
    */
   log.Printf("signature:%v", GenerateSignature(uint32(appId), signatureNonce, serverSecret, timestamp))
}
1
Copied!
Copied!
Copied!
Copied!
Copied!

Signing failures

When a signature verification fails, an error code will be returned.

return codedescription
100000004Signature expired.
100000005Invalid signature.

Previous

Release Notes

Next

Query users online status