Server-Side Session and Token Management

Before running the backend exercise, it helps to understand what the server returns and what the client expects from it. This module reviews the session and token flow used by this learning path so you can debug faster during setup.

For full context around this flow, see Server setup for groups.

Session response in one minute

Use this as the reference shape:

// routes/index.js
async function createSession(response, roomName, sessionProperties = {}, role = 'moderator') {
  let sessionId;
  let token;
  console.log(`Creating ${role} creds for ${roomName}`);

  if (roomToSessionIdDictionary[roomName]) {
    sessionId = roomToSessionIdDictionary[roomName];
  } else {
    const session = await vonage.video.createSession(sessionProperties);
    roomToSessionIdDictionary[roomName] = session.sessionId;
    sessionId = session.sessionId;
  }

  token = vonage.video.generateClientToken(sessionId, { role });

  response.setHeader('Content-Type', 'application/json');
  response.send({
    applicationId: appId,
    sessionId,
    token,
  });
}

Notes that prevent integration issues

Sessions are cached in memory to keep everyone in the same room on subsequent requests.
vonage.video.createSession() talks to the Video API and provisions a media router if one does not exist yet.
vonage.video.generateClientToken() produces a JWT that includes role information (here we default to moderator so the user can control archives later).

The handler returns the Application ID, Session ID, and token back to the browser so it can initialize the SDK.

Quick check before backend deployment

You can explain what the frontend expects from /session.
You know which values are generated server-side versus supplied by client config.
You have a clear target for the Deploy the Backend exercise.