Create your application, users and tokens

In order to use the Nexmo Client SDK, there are three things you need to set up before getting started:

  • Nexmo Application - an Application which contains configuration for the app that you are building.

  • Users - Users who are associated with the Nexmo Application. It is expected that Users will have a one-to-one mapping with your own authentication system.

  • JSON Web Tokens, JWTs - Nexmo Client SDK uses JWTs for authentication. In order for a user to log in and use the SDK functionality, you need to provide a JWT per user. JWTs contain all the information the Nexmo platform needs to authenticate requests, as well as information such as the associated Applications, Users and permissions.

All of these may be created by your backend. If you wish to get started and experience using the SDK without any implementation of your backend, this tutorial will show you how to do so, using the Nexmo CLI.


Make sure you have the following:

  • A Nexmo account - sign up
  • Node.JS and NPM installed
  • Install the Nexmo CLI.

To install the Nexmo CLI, run the following command in a terminal:

npm install -g nexmo-cli@beta

Set up the Nexmo CLI to use your Nexmo API Key and API Secret. You can get these from the settings page in the Nexmo Dashboard.

Run the following command in a terminal, while replacing api_key and api_secret with your own:

nexmo setup api_key api_secret

Create a Nexmo Application

Create an application within the Nexmo platform.

Run the following command:

nexmo app:create "My Nexmo App" --type=rtc --keyfile=private.key

The output will be similar to:

Application created: aaaaaaaa-bbbb-cccc-dddd-0123456789ab
No existing config found. Writing to new file.
Credentials written to /path/to/your/local/folder/.nexmo-app
Private Key saved to: private.key

On the first output line is the Application ID. Take a note of it. It will be later referred to as MY_APP_ID.

In addition, a private key is created and is saved locally on your machine. It is used to generate JWTs that are used to authenticate your interactions with Nexmo.

Create a User

Create a User who will log in to Nexmo Client and participate in the SDK functionality: Conversations, Calls and so on.

Replace MY_USER_NAME with your desired user name, and run the following command on a terminal:

nexmo user:create name="MY_USER_NAME"

The output with the user ID, is similar to:

User created: USR-aaaaaaaa-bbbb-cccc-dddd-0123456789ab

The user ID is used to perform tasks by the SDK, such as login, starting a call and more.

Generate a User JWT

Generate a JWT for the user. Remember to replace MY_APP_ID and MY_USER_NAME values in the command:

nexmo jwt:generate ./private.key sub=MY_USER_NAME exp=$(($(date +%s)+86400)) acl='{"paths":{"/*/users/**":{},"/*/conversations/**":{},"/*/sessions/**":{},"/*/devices/**":{},"/*/image/**":{},"/*/media/**":{},"/*/applications/**":{},"/*/push/**":{},"/*/knocking/**":{}}}' application_id=MY_APP_ID

The above command sets the expiry of the JWT to one day from now, which is the maximum amount of time. You may change the expiration to a shortened amount of time, or regenerate a JWT for the user after the current JWT has expired.

NOTE: In production apps, it is expected that your backend will expose an endpoint that generates JWT per your client request.

Further information

You can read more about the JWT and ACL in this topic.