Keeping fal API Secrets Safe | fal.ai Real-Time Models

The WebSocket connection is established directly from the browser or native mobile application, making it unsafe to embed API keys and secrets directly into the client. To address this, we have developed additional tools to enable secure authentication with our servers without introducing unnecessary intermediaries between the client and our GPU servers. Instead of using traditional API keys, we recommend utilizing short-lived JWT tokens for authentication. Easiest way to communicate with fal using websockets is through our javascript and swift clients and a server proxy.

Server Side ProxyCheckout our Server Side Integration section to learn more about using a ready made proxy with your Node.js or Next.js app or implement your own.

When fal.realtime.connect is invoked the fal client gets a short lived JWT token through a server proxy to authenticate with fal services. This token is refreshed automatically by the client when it is needed.

import { fal } from "@fal-ai/client";

fal.config({
  proxyUrl: "/api/fal/proxy",
});

const { send } = fal.realtime.connect("fal-ai/fast-lcm-diffusion", {
  connectionKey: "realtime-demo",
  throttleInterval: 128,
  onResult(result) {
    // display
  },
});

Checkout the FalRealtimeSampleApp (swift) and realtime demo (js) for more details.

Real Time Models Quickstart | fal.ai Real-Time Models

Error Reference

⌘I

Guides

Models Endpoints

Authentication

Integrations

Real-Time

Reference

Help & Support

Keeping fal API Secrets Safe | fal.ai Real-Time Models