Introduction

Copied!

Welcome to Stream's REST API documentation!

Please note

Copied!

The REST documentation is recommended for advanced users that want to write their own API clients. Have a look below at the official clients, framework integrations, and community-contributed libraries.

Always feel free to get in touch if you have questions.

Are you looking for a ready-made client or framework library?

Copied!

If you're looking to get started quickly, official clients are available for a whole host of languages including Ruby, JavaScript, Python, PHP, Go, and more.

First steps

Copied!

1. Complete 'Getting Started'

Copied!

Before you start writing your client, we recommend that you complete the getting started tutorial. It explains the Chat API concepts, and allows you to get familiar with Stream.

2. Review Official Clients

Copied!

Reviewing the official Stream API clients is a great source of inspiration for writing your own client.

A good starting point is the official JavaScript client as it runs its test suite in the browser.

You can review all of our open-source libraries at the official Stream GitHub page.

3. Browse Documentation

Copied!

This documentation page includes all API endpoints and describes the three authentication available to use Stream Chat.

Got stuck? No worries at all, feel free to contact support at any time.

Basics

Copied!

Common Parameters

Copied!

Every request should contain api_key query parameter and appropriate authorization header

nametypedescriptiondefaultoptional
api_keystringApplication public API key-

Compression

Copied!

Stream API supports gzip and deflate compression, make sure that your client negotiate compression. Enabling compression can reduce significantly latency and used bandwidth and it's highly recommended.

JSON

Copied!

Unless specified differently, all request body data must be JSON encoded and all responses are also JSON encoded.

Authentication

Copied!

API Keys and Tokens

Copied!

Every API request to Stream must include: the API Key of the app performing the request and an authentication token generated using the API Key secret. Token must be a JWT token including a signature generated with the HS256 algorithm.

If you are not familiar with JWT we highly recommend reading more about it here. Libraries to generate JWT are available for most programming languages. The full list is available here.

The authentication token must include the correct claims (also called payload). A token valid for a type of request or for a user_id might not be valid for another one. Your application should generate the appropriate token; when using client-side auth, each user should have its own unique token.

Sending an Authenticated Request

Copied!

All API requests to Stream must include a query parameter called api_key with the API Key in use. Once the token is generated correctly it is used to authenticate a request. This is done by setting two HTTP headers on the request:

Header

Value

Description

Stream-Auth-Type

jwt

Sets authentication type. Possible values: jwt, anonymous

Authorization

<token>

Sets JWT authentication token when jwt auth type is used

Some HTTP libraries prefix token with "Bearer " string. This prefix should be removed before sending the request to Stream.

When dealing with authentication tokens, you should keep in mind that tokens are like passwords. Never share tokens with untrusted parties.

Server-side

Copied!

Requests from a back-end application to Stream Chat API should use Server-Side Authentication to authenticate requests.

JWT Usage for Server-side Authentication

Copied!

For server-side authentication, the application should send a token that is signed with the API Secret of the Stream app. This token must not include any claim beside claims defined by JWT specifications (ie. "iat", "exp", ...).

When using server-side authentication; there will be no permission checking and you will be able to perform any valid request for any of your user.

You should never share a server-side token with any untrusted party or use it directly on the mobile or web-browser. If your API secret or server-side token gets compromised you should create a new API Key from the dashboard and delete the one that got compromised.

Some endpoints can only used with server-side auth; ie. changing the configuration of your application or perform other actions such as changing users' role.

Token Example

Copied!

Here is the server-side token for a fictional application with API Secret "top-secret": eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.-hJRcjmUOcS0P-Pllpe8gnOtMINmm7Ktebd3eKUroAc

Client-side

Copied!

Requests from a front-end application to the Stream Chat API should use Client-Side Authentication to authenticate requests.

JWT Usage For Client-side Authentication

Copied!

When using client-side auth, you generate different token to each of your user and include their string ID in the user_id claim.

A common approach is to have your users authenticate with your app server-side and to provision a user token so that API calls to Stream can be done on their behalf directly on your mobile/web app.

For security reasons, some API endpoints and some specific actions can be performed only server-side.

User tokens will effectively authenticate the user based on the user_id claim. After that all API calls will be checked for permissions.

More information about permissions is available on Chat Documentation.

Token Example

Copied!

Here is the user token for user "jack" on a fictional application with API Secret "top-secret": eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiamFjayJ9.pO3Fa8TJnPXsl62-XHK94S8hFk6dUz_2Q9au6H5xBSQ

Anonymous

Copied!

Anonymous authentication allows you to use a sub-set of Chat's API without generating a user token.

Anonymous authentication works exactly as client-side auth with a couple of exceptions:

  • You must not send the Authorization header

  • You must send the stream-auth-type header set to anonymous

For security reasons, only a small subset of the API endpoints will be available to anonymous users.

Websocket

Copied!

Stream Chat uses Websocket connections to propagate chat events to all connected clients in real-time. Websockets are only used by Chat API servers to push events to users, you do not need them server-side.

Your Chat application should create a websocket connection per each user and wait until such connection is established before doing any other API call.

Websocket and Authentication

Copied!

Websocket connections must include authentication information; since it is not possible to send HTTP headers or a request body; such information must be included as query parameters:

Query parameter

Value

Description

stream-auth-type

jwt

Same as Stream-Auth-Type header

authorization

<token>

Same as Authorization header

Websocket and User Data

Copied!

Websocket connection must include the full information for the current user as well; the API endpoint will ensure that such user exists and will update it if necessary.

For information about request payload please see Connect Endpoint

Websocket Hello Event

Copied!

When the websocket connection is created with valid credentials and user payload; you will receive an event which includes fundamental information for later user of chat. Such message includes:

  • Current user's information including unread counts, the list of muted users and banned status

  • The connection_id for this session; you should store this, some API endpoints requires this parameter to be provided

Websocket Health-check events

Copied!

After the websocket connection is correctly established, the client will receive health-checks messages periodically. Your Chat client should make sure that such health-check event is received not later than 30 seconds ago; if that's not the case you should close and retry connecting.

Websocket and retries

Copied!

Unlike REST API calls, websocket connections are long-lived and might get closed due to internet connection errors. The recommended approach is to monitor internet connection, websocket close and error events and always retry to connect when a network issue causes the connection to break.

Websocket and Precondition Errors

Copied!

If you provide invalid authentication information or invalid data payload, an error message will be sent to the client and the connection will be closed with a status 1000 Normal Closure immediately after.

You can inspect the error message to gather more information about the failure and use that to decide what to do next. Error messages are JSON encoded and have the same schema as the ones from REST API endpoints.

When the connection is closed with such status you should not blindly retry to create the connection as it will almost certainly fail again with the same error. {

Websocket Events

Copied!

Once the websocket is created, you can move on and subscribe the user to channels either by using the Query Channels API endpoint or the Get Or Create Channel . From that point on, you will receive events related to all channels the user is watching (ie. messages from other users, typing events, mark read events, ...).

Websocket Notification Events

Copied!

You should expect the websocket connection to receive events that are not related to channels that the user is watching with the current websocket connection.

Campaigns

Copied!

Create campaign

Copied!
POST /campaigns
Read more: Campaigns - BETA

Request Body Schema

Copied!
Name
Type
Description
campaign
* CampaignDataRequest

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Create segment

Copied!
POST /segments
Read more: Campaigns - BETA

Request Body Schema

Copied!
Name
Type
Description
segment
* SegmentDataRequest

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Delete campaign

Copied!
DELETE /campaigns/{id}
Read more: Campaigns - BETA

Parameters

Copied!
Name
Type
Description
id
string

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Delete segment

Copied!
DELETE /segments/{id}
Read more: Campaigns - BETA

Parameters

Copied!
Name
Type
Description
id
string

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Get campaign

Copied!
GET /campaigns/{id}
Read more: Campaigns - BETA

Parameters

Copied!
Name
Type
Description
id
string

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Get segment

Copied!
GET /segments/{id}
Read more: Campaigns - BETA

Parameters

Copied!
Name
Type
Description
id
string

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

List campaign

Copied!
GET /campaigns
Read more: Campaigns - BETA

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

List segments

Copied!
GET /segments
Read more: Campaigns - BETA

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Resume campaign

Copied!
PATCH /campaigns/{id}/resume
Read more: Campaigns - BETA

Parameters

Copied!
Name
Type
Description
id
string

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Schedule campaign

Copied!
PATCH /campaigns/{id}/schedule
Read more: Campaigns - BETA

Parameters

Copied!
Name
Type
Description
id
string

Request Body Schema

Copied!
Name
Type
Description
send_at
number

>=0

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Stop campaign

Copied!
PATCH /campaigns/{id}/stop
Read more: Campaigns - BETA

Parameters

Copied!
Name
Type
Description
id
string

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Test campaign

Copied!
POST /campaigns/{id}/test
Read more: Campaigns - BETA

Parameters

Copied!
Name
Type
Description
id
string

Request Body Schema

Copied!
Name
Type
Description
users
* string[]

>=1

<=10

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Update campaign

Copied!
PUT /campaigns/{id}
Read more: Campaigns - BETA

Parameters

Copied!
Name
Type
Description
id
string

Request Body Schema

Copied!
Name
Type
Description
campaign
CampaignUpdateableFieldsRequest

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Update segment

Copied!
PUT /segments/{id}
Read more: Campaigns - BETA

Parameters

Copied!
Name
Type
Description
id
string

Request Body Schema

Copied!
Name
Type
Description
segment
SegmentUpdateableFieldsRequest

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Channel types

Copied!

Create channel type

Copied!
POST /channeltypes
Read more: Overview

Request Body Schema

Copied!
Name
Type
Description
name
* string

Name

typing_events
boolean

Typing events

read_events
boolean

Read events

connect_events
boolean

Connect events

reactions
boolean

Reactions

replies
boolean

Replies

search
boolean

Search

mutes
boolean

Mutes

uploads
boolean

Uploads

url_enrichment
boolean

URL enrichment

custom_events
boolean

Custom events

push_notifications
boolean

Push notifications

message_retention
string

Message retention

max_message_length
number

Maximum message length

automod
* string

Auto moderation

allowed values:

  • disabled
  • simple
  • AI

automod_behavior
string

Auto moderation behavior

allowed values:

  • flag
  • block

commands
string[]

Commands

permissions
PolicyRequest[]

Permissions

grants
object
blocklist
string

Blocklist

blocklist_behavior
string

Blocklist behavior

allowed values:

  • flag
  • block

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Delete channel type

Copied!
DELETE /channeltypes/{name}
Read more: Overview

Parameters

Copied!
Name
Type
Description
name
string

Name

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Get channel type

Copied!
GET /channeltypes/{name}
Read more: Overview

Parameters

Copied!
Name
Type
Description
name
string

Name

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

List channel types

Copied!
GET /channeltypes
Read more: Overview

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Update channel type

Copied!
PUT /channeltypes/{name}
Read more: Overview

Parameters

Copied!
Name
Type
Description
name
string

Request Body Schema

Copied!
Name
Type
Description
permissions
PolicyRequest[]
grants
object
typing_events
boolean

Typing events

read_events
boolean

Read events

connect_events
boolean

Connect events

search
boolean

Search

reactions
boolean

Reactions

replies
boolean

Replies

mutes
boolean

Mutes

uploads
boolean

Uploads

url_enrichment
boolean

URL enrichment

custom_events
boolean

Custom events

push_notifications
boolean

Push notifications

message_retention
string

Message retention

max_message_length
number

Maximum message length

<=20000

automod
* string

Auto moderation

allowed values:

  • disabled
  • simple
  • AI

automod_behavior
string

Auto moderation behavior

allowed values:

  • flag
  • block

blocklist
string

Blocklist

blocklist_behavior
string

Blocklist behavior

allowed values:

  • flag
  • block

automod_thresholds
ThresholdsRequest

Auto moderation thresholds

commands
string[]

Commands

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Channels

Copied!

Delete channel

Copied!
DELETE /channels/{type}/{id}
Read more: Deleting & Hiding a Channel

Parameters

Copied!
Name
Type
Description
type
string

Channel type

id
string

Channel ID

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
channel.deleted

Export channels

Copied!
POST /export_channels
Read more: Exporting Channels

Request Body Schema

Copied!
Name
Type
Description
channels
ChannelExportRequest[]

Channels

>=1

<=25

clear_deleted_message_text
boolean

Clear deleted message text

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Export channels status

Copied!
GET /export_channels/{id}
Read more: Exporting Channels

Parameters

Copied!
Name
Type
Description
id
string

ID

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Get or create channel (type, id)

Copied!
POST /channels/{type}/{id}/query
Read more: Watching a Channel

Parameters

Copied!
Name
Type
Description
type
string

Type

id
string

ID

Request Body Schema

Copied!
Name
Type
Description
connection_id
string

Connection ID

data
ChannelRequest
watch
boolean

Watch

state
boolean

State

presence
boolean

Presence

messages
MessagePaginationParamsRequest
members
PaginationParamsRequest
watchers
PaginationParamsRequest

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
channel.created
member.added
member.removed
member.updated
user.watching.start

Get or create channel (type)

Copied!
POST /channels/{type}/query
Read more: Watching a Channel

Parameters

Copied!
Name
Type
Description
type
string

Type

Request Body Schema

Copied!
Name
Type
Description
connection_id
string

Connection ID

data
ChannelRequest
watch
boolean

Watch

state
boolean

State

presence
boolean

Presence

messages
MessagePaginationParamsRequest
members
PaginationParamsRequest
watchers
PaginationParamsRequest

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
channel.created
member.added
member.removed
member.updated
user.watching.start

Hide channel

Copied!
POST /channels/{type}/{id}/hide
Read more: Deleting & Hiding a Channel

Parameters

Copied!
Name
Type
Description
type
string

Channel type

id
string

Channel ID

Request Body Schema

Copied!
Name
Type
Description
clear_history
boolean

Clear history

user_id
string

User ID

user
UserObjectRequest

User

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
channel.hidden

Mark all read

Copied!
POST /channels/read

Request Body Schema

Copied!
Name
Type
Description
user_id
string

User ID

user
UserObjectRequest

User

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
notification.mark_read

Mark read

Copied!
POST /channels/{type}/{id}/read

Parameters

Copied!
Name
Type
Description
type
string

Channel type

id
string

Channel ID

Request Body Schema

Copied!
Name
Type
Description
message_id
string

Message ID

user_id
string

User ID

user
UserObjectRequest

User

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
message.read

Mute channel

Copied!
POST /moderation/mute/channel
Read more: Muting Channels

Request Body Schema

Copied!
Name
Type
Description
channel_cids
* string[]

Channel CIDs

<=25

expiration
number

Expiration

user_id
string

User ID

user
UserObjectRequest

User

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
channel.muted

Partially update channel

Copied!
PATCH /channels/{type}/{id}
Read more: Updating a Channel

Parameters

Copied!
Name
Type
Description
type
string

Channel type

id
string

Channel ID

Request Body Schema

Copied!
Name
Type
Description
set
* object

Set

unset
* string[]

Unset

user_id
string

User ID

user
UserObjectRequest

User

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
channel.updated

Query channels

Copied!
POST /channels
Read more: Querying Channels

Request Body Schema

Copied!
Name
Type
Description
filter_conditions
object
sort
* SortParamRequest[]

Sort

<=5

watch
boolean

Watch

state
boolean

State

presence
boolean

Presence

message_limit
number

Message limit

>=0

member_limit
number

Member limit

>=0

<=100

limit
number

Limit

offset
number

Offset

user_id
string

User ID

user
UserObjectRequest

User

connection_id
string

Connection ID

Responses

Copied!
201 - Channels list
400 - Bad request
429 - Too many requests

Query members

Copied!
GET /members
Read more: Querying Members

Parameters

Copied!
Name
Type
Description
payload
QueryMembersRequest

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Search messages

Copied!
GET /search
Read more: Search

Parameters

Copied!
Name
Type
Description
payload
SearchRequest

Payload

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Show channel

Copied!
POST /channels/{type}/{id}/show
Read more: Deleting & Hiding a Channel

Parameters

Copied!
Name
Type
Description
type
string

Channel type

id
string

Channel ID

Request Body Schema

Copied!
Name
Type
Description
user_id
string

User ID

user
UserObjectRequest

User

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
channel.visible

Stop watching channel

Copied!
POST /channels/{type}/{id}/stop-watching

Parameters

Copied!
Name
Type
Description
type
string

Channel type

id
string

Channel ID

Request Body Schema

Copied!
Name
Type
Description
connection_id
string

Connection ID

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
user.watching.stop

Sync

Copied!
POST /sync

Request Body Schema

Copied!
Name
Type
Description
channel_cids
string[]

Channel CIDs

>=1

<=255

last_sync_at
* string

Last sync at

user_id
string

User ID

user
UserObjectRequest

User

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Truncate channel

Copied!
POST /channels/{type}/{id}/truncate
Read more: Deleting & Hiding a Channel

Parameters

Copied!
Name
Type
Description
type
string

Channel type

id
string

Channel ID

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
channel.truncated

Unmute channel

Copied!
POST /moderation/unmute/channel
Read more: Muting Channels

Request Body Schema

Copied!
Name
Type
Description
channel_cids
* string[]

Channel CIDs

<=25

expiration
number

Expiration

user_id
string

User ID

user
UserObjectRequest

User

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
channel.unmuted

Update channel

Copied!
POST /channels/{type}/{id}
Read more: Updating a Channel

Parameters

Copied!
Name
Type
Description
type
string

Channel type

id
string

Channel ID

Request Body Schema

Copied!
Name
Type
Description
add_members
ChannelMemberRequest[]

Add members

<=100

remove_members
* string[]

Remove members

<=100

add_moderators
* string[]

Add moderators

<=100

demote_moderators
* string[]

Demote moderators

<=100

invites
ChannelMemberRequest[]

Invites

<=100

assign_roles
ChannelMemberRequest[]

Assign roles

<=100

cooldown
number

Cool down

>=0

<=120

accept_invite
boolean

Accept invite

reject_invite
boolean

Reject invite

message
MessageRequest
skip_push
boolean

Skip push

data
ChannelRequest

Data

user_id
string

User ID

user
UserObjectRequest

User

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
channel.updated
member.added
member.removed
member.updated
message.new

Custom commands

Copied!

Create command

Copied!
POST /commands
Read more: Custom Commands Webhook

Request Body Schema

Copied!
Name
Type
Description
name
* string

Name

description
* string

Description

args
string

Arguments

set
string

Set

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Delete command

Copied!
DELETE /commands/{name}
Read more: Custom Commands Webhook

Parameters

Copied!
Name
Type
Description
name
string

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Get command

Copied!
GET /commands/{name}
Read more: Custom Commands Webhook

Parameters

Copied!
Name
Type
Description
name
string

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

List commands

Copied!
GET /commands
Read more: Custom Commands Webhook

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Update command

Copied!
PUT /commands/{name}
Read more: Custom Commands Webhook

Parameters

Copied!
Name
Type
Description
name
string

Name

Request Body Schema

Copied!
Name
Type
Description
description
* string

Description

args
string

Arguments

set
string

Set

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Devices

Copied!

Create device

Copied!
POST /devices
Read more: Devices

Request Body Schema

Copied!
Name
Type
Description
id
string
push_provider
string

allowed values:

  • firebase
  • apn

user_id
string

User ID

user
UserObjectRequest

User

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Delete device

Copied!
DELETE /devices
Read more: Devices

Parameters

Copied!
Name
Type
Description
id
string

ID

user_id
string

User ID

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

List devices

Copied!
GET /devices
Read more: Devices

Parameters

Copied!
Name
Type
Description
user_id
string

User ID

Responses

Copied!
200 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!

Send event

Copied!
POST /channels/{type}/{id}/event
Read more: Event Object

Parameters

Copied!
Name
Type
Description
type
string

Channel type

id
string

Channel ID

Request Body Schema

Copied!

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests

Events

Copied!
Name
Description
[any]

Send user event

Copied!
POST /users/{user_id}/event
Read more: Event Object

Parameters

Copied!
Name
Type
Description
user_id
string

Request Body Schema

Copied!
Name
Type
Description
event
* UserCustomEventRequest

Responses

Copied!
201 - Successful response
400 - Bad request
429 - Too many requests