Getting Started
Ephemeral Token Service generates short-lived API tokens for the OpenAI Realtime API. Available as an open web service in Eyevinn Open Source Cloud, it lets browser and mobile apps call the OpenAI Realtime API directly without exposing your main OpenAI API key.
The flow is: your app requests an ephemeral token from this service, uses it to open a Realtime session, and the token expires automatically once the session ends.
Prerequisites
- If you have not already done so, sign up for an Eyevinn OSC account
- An OpenAI API key with Realtime API access
Step 1: Store your OpenAI API key as a secret
Navigate to the Ephemeral Token Service in the Eyevinn OSC web console. Go to the "Service Secrets" tab and click "New Secret".
Create the following secret:
openaikeywith your OpenAI API key
Step 2: Create the Ephemeral Token Service instance
Go to the "My ephtoken-svc" tab and click "Create ephtoken-svc". Fill in:
- Name: a name for your instance (alphanumeric only)
- OpenAiApiKey:
{{secrets.openaikey}}
Click on the instance card when the status is green and "running". Copy the service URL.
Step 3: Request an ephemeral token
Your backend or frontend requests a token from the service. The token is returned and used directly with the OpenAI Realtime API.
# Request an ephemeral token
curl -X POST https://<your-instance-url>/token \
-H "Content-Type: application/json" \
--output token.json
# The response contains a short-lived token for the Realtime API
cat token.json
Use the returned token in your client app to connect to the OpenAI Realtime WebSocket endpoint.
Using the CLI
npx @osaas/cli create eyevinn-ephtoken-svc my-ephtoken \
-o OpenAiApiKey="{{secrets.openaikey}}"
Configuration Options
| Option | Required | Description |
|---|---|---|
name |
Yes | Name of the ephtoken-svc instance. Alphanumeric only. |
OpenAiApiKey |
Yes | Your OpenAI API key. Store as a secret and reference with {{secrets.name}}. |