Authentication How-tos

Orga splits credentials into long-lived API keys (server only) and short-lived ephemeral tokens (client). These guides show how to manage that split without leaking secrets.

Available guides

• Authenticate your backend – Exchange your API key for ephemeral tokens and ICE servers, then hand them to client SDKs.

Need conceptual background instead? Read the Authentication explanation. Need API payloads? Jump to the client secrets reference.