Browser & SDK API

platform v0.9.11verified 2026-05-14

This section covers the part of TelAPI that browser and mobile clients talk to — directly or, in practice, through the client SDK. It is gated by a single platform flag:

⚑Feature required: webrtc

This feature is gated. Operators enable it per deployment in the Delphi Portal; if the flag is off, the surface described below is hidden from the UI and rejected by the API. See Feature flags for the full registry.

The webrtc flag covers more than voice calls

The flag is named after the most visible feature it gates, but it actually controls the entire client-facing slice of TelAPI: API-key auth, call-token minting, the WebSocket channel, app discovery — everything in this section. If the flag is off, only /health and the async LLM webhooks endpoint stay usable.

What's in this section

Page	Covers
Authentication	API keys, the bearer header, key rotation, what a key is bound to.
Scopes	CREATE_CALL_TOKEN, READ_CALL_TOKEN, READ_TEAM_APPS — what each unlocks.
Call tokens	The primary client-integration workflow: backend mints a token, client uses it to start a session.
WebSocket channel	The realtime control + media channel the SDK opens for each session.
Conversations	The conversation concept — how a session surfaces as observable data during and after the call.

For cross-cutting topics see Errors, Examples, and the snapshot status of the interactive API reference.

Two ways to use this surface

• Through the SDK (recommended). The @ki-kombinat/delphi-client-js-sdk wraps every endpoint and the WebSocket channel for you with typed callbacks. New integrations should always start here.
• Directly. If you're building for a runtime the SDK doesn't ship for, the endpoints, the channel-protocol message catalogue, and the auth model are all documented here so you can implement an alternative client. The SDK source remains the reference implementation.

How it relates to the rest of the API

Surface	Path(s)	Auth	Gating
Browser & SDK API (this section)	most of /api/v1/*	API key + scopes (bearer)	webrtc feature flag
Async LLM webhooks (inbound to the platform)	/api/v1/webhooks/*	Per-callback token, separate	Independent — not in this section
Health check	/health	None — public	Always on

/api/v1/webhooks/* and this surface share a base path but nothing else — auth, gating, and audience all differ. The webhook page is its own thing.

Start here

• New integration in JavaScript? Go to SDK → Quick start.
• Building your own client? Start with Authentication, then Call tokens, then WebSocket channel.
• Just want to discover the team's apps to pick an endpoint? Scopes → READ_TEAM_APPS.