Base URL: https://live.colourstream.johnrogerscolour.co.uk/api
All endpoints require JWT authentication via Bearer token in the Authorization header:
Authorization: Bearer <jwt_token>
- URL:
/auth/login - Method:
POST - Auth Required: No
- Request Body:
{ "password": "string" } - Response:
{ "status": "success", "data": { "token": "string" } }
- URL:
/auth/change-password - Method:
POST - Auth Required: Yes
- Request Body:
{ "currentPassword": "string", "newPassword": "string" } - Response:
{ "status": "success", "message": "Password changed successfully" }
- URL:
/rooms - Method:
GET - Auth Required: Yes
- Response:
{ "status": "success", "data": { "rooms": [ { "id": "string", "name": "string", "link": "string", "expiryDate": "string", "mirotalkRoomId": "string", "streamKey": "string", "displayPassword": "string" } ] } }
- URL:
/rooms - Method:
POST - Auth Required: Yes
- Request Body:
{ "name": "string", "expiryDate": "string" } - Response: Same as room object above
- URL:
/rooms/:id - Method:
DELETE - Auth Required: Yes
- Response:
{ "status": "success", "message": "Room deleted successfully" }
- URL:
/omen/vhosts - Method:
GET - Auth Required: Yes
- Response:
{ "status": "success", "data": { "vhosts": ["string"] } }
- URL:
/omen/vhosts/:vhost/apps - Method:
GET - Auth Required: Yes
- Response:
{ "status": "success", "data": { "applications": [ // Applications can be returned in two formats: // 1. As a string (name only): "app", // 2. As an object with name and type: { "name": "string", "type": "string" } ] } } - Notes:
- Applications can be returned either as simple strings (representing the app name) or as objects with name and type
- When returned as a string, the frontend will assign a default type of "default"
- The application name "app" is the default application configured in OvenMediaEngine for RTMP and SRT streaming
- Frontend handling:
// API layer transforms the data: interface Application { name: string; type: string; } // String "app" becomes { name: "app", type: "default" } // Object remains as-is: { name: "app", type: "live" }
- Error handling:
- Invalid application names return 404
- Missing or malformed data returns 400
- Authentication failures return 401
- Display:
- Applications are shown in an accordion list
- Each application shows its name and type
- Statistics are loaded on demand when expanding an application
- URL:
/omen/vhosts/:vhost/stats - Method:
GET - Auth Required: Yes
- Response:
{ "status": "success", "data": { "stats": { "connections": { "file": 0, "hlsv3": 0, "llhls": 0, "ovt": 0, "push": 0, "srt": 0, "thumbnail": 0, "webrtc": 0 }, "totalConnections": 0, "lastThroughputIn": 0, "lastThroughputOut": 0 } } }
- URL:
/omen/vhosts/:vhost/apps/:app/stats - Method:
GET - Auth Required: Yes
- Response: Same format as virtual host statistics
- URL:
/omen/vhosts/:vhost/apps/:app/streams/:stream/stats - Method:
GET - Auth Required: Yes
- Response: Same format as virtual host statistics
- URL:
/obs/settings - Method:
GET - Auth Required: Yes
- Response:
{ "status": "success", "data": { "settings": { "host": "string", "port": "number", "enabled": "boolean" } } }
- URL:
/obs/settings - Method:
PUT - Auth Required: Yes
- Request Body:
{ "host": "string", "port": "number", "enabled": "boolean" } - Response: Same as GET OBS Settings
All endpoints may return the following error responses:
{
"status": "error",
"message": "Invalid or expired token"
}{
"status": "error",
"message": "Validation error"
}{
"status": "error",
"message": "Internal server error"
}- Login endpoint is rate limited to 5 requests per minute per IP
- All other endpoints are not rate limited but require valid authentication
- All dates are in ISO 8601 format
- All IDs are UUIDs
- Stream keys are automatically generated for new rooms
- Room links are generated based on the room name
- The API uses HTTPS only
- CORS is enabled only for the frontend domain