Call Initiation
Hidoba Research Voice Calls SDK supports two distinct methods for initiating calls. Both methods use the same API key authentication, but differ in where and how the call is created.
Overview
| Method | Call Creation | API Key Location | Control Level |
|---|---|---|---|
| Client-Side Initiation | Browser creates call directly | Client-side code | Direct SDK control |
| Server-Side Initiation | Your server creates call, returns signed URL | Server-side (secure) | Backend-mediated control |
Client-Side Initiation
The browser directly communicates with Hidoba Research's backend to create and establish the call.
Characteristics:
- Direct connection: Browser → Hidoba Research API → WebSocket
- Single-step process from user action to call
- SDK handles call creation, authentication, and connection
Best for:
- Rapid development and prototyping
- Simple applications without backend complexity
- When you want the SDK to handle the entire flow
Security considerations:
- API key must be present in client-side code
- Users can inspect and potentially extract the API key
- No server-side control over call initiation
Server-Side Initiation (Recommended for Production)
Your backend server creates the call and provides the client with a signed URL for connection.
Characteristics:
- Mediated connection: Browser → Your Server → Hidoba Research API → Signed URL → Browser → WebSocket
- Two-step process: server creates call, client connects using provided credentials
- Your server manages call creation and can implement business logic
Best for:
- Production applications requiring security and control
- User authentication and management requirements
- Integration with existing backend systems
- Rate limiting, usage tracking, and analytics
- Compliance or security policies requiring API key protection
Security benefits:
- API key remains secure on your server
- You control who can initiate calls
- Call metadata and parameters managed server-side
- Integration with your existing authentication system
Key Differences
Call Creation Process
Client-Side: User action → SDK creates call → WebSocket connection → Conversation
Server-Side: User action → Frontend requests call → Server creates call → Server returns signed URL → SDK connects → WebSocket connection → Conversation
API Key Usage
- Client-Side: API key used directly by the SDK in the browser
- Server-Side: API key used by your server; client never sees it
Control and Flexibility
- Client-Side: Direct SDK control, immediate initiation, limited business logic
- Server-Side: Full backend control, authentication, rate limiting, logging, analytics
Implementation Details
For specific implementation instructions:
- Client-Side Setup: See Initialization
- Server-Side Setup: See Backend API Reference
- SDK Usage: See SDK Reference