How to use WebRTC without revealing API key?

[SteveW117]

Demo requires placing of key in api.json file, which would be readable by all users in a production environment...how can D-ID web services be used securely via WebRTC without compromising security in this way?

[juberti]

typically API vendors provide a way to get a temporary key to access the service directly from a web client, e.g., https://changelog.assemblyai.com/july-27th-2021/.

[orgoro]

we have a client key mechanism implemented in the agents API

check it out in studio.d-id.com/agents > create agent > embed