What's New

New API Key System

We've migrated from standard UUID API keys to hashed keys prefixed with ls_api_ - you can now have multiple active API keys at the same time, and you can revoke unused/deprecated keys. This makes it easier to safely rotate API keys in your application. Right now, API keys can only be made by Organisation Owners by default, but we can assign Developer rights to an Admin of your Organisation at your request.

Important Note: these new API keys are longer than the old ones and are no longer UUIDs, so you may need to adjust any fields in your system that may have been making assumptions about what a valid API key for our system looks like.

Old API Keys Deprecated

Old UUID-style API keys have been deprecated and we are proactively reaching out to clients still using them to help migrate to the new key system. If you are still using an old API key, we request that you upgrade to a new API key before 1 March 2026, from which time we will start enforcing new API keys.

Legacy Join Links Discontinued

Support for Legacy Join Links has been discontinued. Any join links generated prior to 18 December 2025 are no longer valid and will throw an error if an attempt is made to open them. Join Links must always be generated with a valid expiry time, using a valid range with the not_before/not_after parameters, or they will be valid for a default of 7 days from time of generation. The time between not_before and not_after must not exceed 7 days or an error will be thrown.

Join Link TTL/Expiry

All Join Links generated now have an expiry date encoded in the JWT. By default, the exp value is set to 7 days from time of generation. You may also specify a valid access period in the future using the not_before and not_after in the timeouts parameter. Read more in the Restricting Access section of the docs.

Legacy Recording /redirect URL Discontinued

The /redirect playback endpoint has been discontinued.

Playback URL TTL/Expiry

Playback URLs now require an API key to be accessed and the returned URL has a lifetime of 3 hours. The endpoints also return a different payload structure. Detailed information can be found in our Recordings documentation

Rate Limits

Rate limits for the REST API, which previously were only applied to a few endpoints, have been extended to almost all endpoints, excluding the Launch endpoint. The global rate limit is 10 requests per second.

Legacy Endpoints Removed

Several undocumented REST API endpoints have been formally removed.