Skip to main content

Documentation Index

Fetch the complete documentation index at: https://dev.docs.inworld.ai/llms.txt

Use this file to discover all available pages before exploring further.

All requests to Inworld’s APIs must include an API key in an Authorization HTTP header. All APIs support both Basic and JWT authentication.

Getting an API key

To get an API key, follow these steps:
  1. Log in to Inworld Portal.
  2. Click API Keys on the bottom left sidebar.
  3. Click Generate new key to generate a new API key.
  4. Copy the Basic (Base64) authorization signature.
Get API Key You can also specify for each API key whether it has write permissions to:
  • Voice API, which enables the API key to be used for POST, PATCH, and DELETE endpoints (clone voice, update voice, delete voice). GET endpoints only require read permissions.
  • Router API, which enables the API key to be used for POST, PATCH, and DELETE endpoints (create router, update router, delete router). GET endpoints only require read permissions.
Router API Key Permissions These permissions do not impact other APIs (such as Text-to-Speech and LLM).

Basic authentication

Do not expose your Base64 API credentials in client-side code (browsers, apps, game builds), as it may be compromised. Please consider JWT authentication for client-side builds.
Basic authentication uses the Base64 encoded credentials to authenticate the request. Below is an example of the header for Basic authentication: 
Authorization: Basic $INWORLD_API_KEY
Make sure to keep your Base64 credentials safe, as anyone with your credentials can make requests on your behalf. It is recommended that credentials are stored as environment variables and read at run time.

Realtime-only API keys

A Realtime-only API key is a credential built specifically for the Inworld Realtime API. Use it for any voice agent that connects over WebSocket or WebRTC.

What it covers

  • Realtime sessions over WebSocket and WebRTC
  • Streaming audio in and audio out within a realtime session
  • Speech, language, and voice generation that the Realtime API performs for you
For other Inworld APIs, create a Standard API key.

Create the key

  1. Sign in to Inworld Portal and open API Keys.
  2. Click Generate new key and choose Realtime-only as the key type.
  3. Copy the Base64 credentials.
Store the credentials in a secret manager (recommended) or as an environment variable on your backend. Read them at runtime, and keep them out of source control and out of client-side code (browsers, apps, game builds).
A key’s type is fixed at creation. To use a different key type, please create a new key.

Authenticate your requests

On your backend, use the key to mint a short-lived JWT. Send the JWT as a Bearer token in the Authorization header when opening a WebSocket or WebRTC connection: 
Authorization: Bearer $JWT
The Node.js JWT sample app shows the full flow. Once you have a JWT, jump to the WebSocket or WebRTC connection guide.