Daily API Developer Documentation

Daily Video Calls API Developer Documentation

Welcome to the Daily API developer documentation. You'll find comprehensive guides and documentation, to help you get started and build.

API Reference

Controlling who joins a meeting

Meeting join permissions

The room privacy setting

When a room is created, the room's privacy setting defaults to "public". Anyone who knows the room's URL can join a public room.

For many video call workflows, using "public" rooms is the right approach. If you are creating rooms on the fly for one-time use, just let the room creation API endpoint automatically generate a room name for you. The room URL will be impossible to guess, so only the people you send the URL to will be able to join the room. You can also set an exp time for the room, so that it is automatically deleted, and even people who have seen the URL to won't be able to reuse it, later.

But for other workflows, you will want to restrict access to your rooms. For example, if you are creating human-readable room names, someone could guess a room name and join a meeting uninvited. Or, if you are reusing meeting rooms, you might want to control access so that even people who have the room URL can't always join the room.

To restrict access to a room, change the room's privacy setting to "private".

A private room can be joined with a meeting token, by knocking, or by a logged-in user.

If you change a room from public to private while there are people in the room, those people will stay in the room. Anyone else who tries to join after the room is set to private will need to use one of those methods to get in.

Meeting tokens

A meeting token is the most flexible way to grant access to a private room. Meeting tokens can be different for each meeting participant, can be time-limited, and can include additional information about each user.

Any valid meeting token grants access to a private room. Simply create a meeting token, append it to the room URL as a t= query parameter, and use that new URL in your workflow.


Always set the room_name property when you are using meeting tokens to control room access. A meeting token without a room_name property allows access to any room in your domain.

When a user joins a meeting, we strip token from the URL, so that users don't accidentally share or forward room URLs that include meeting tokens.


Example showing a "knocking" interface.

To allow users to "knock" to request access to a private room, set the room's enable_knocking property to true.

When a user knocks to request access to a meeting, a room owner must be in the room to approve that join request. Pro tip: You can use our Zapier App to notify meeting owners when something is knocking.

A room owner is usually someone who joined the meeting using a meeting token with the is_owner property set to true.

Updated about a month ago

Controlling who joins a meeting

Meeting join permissions

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.