Shareable Recording Links

Share meeting recordings securely with anyone, even without a MeetBot account.

Overview

Shareable links let you create public URLs for your recordings. Recipients can watch the recording (and optionally read the transcript) in their browser without logging in.

Creating a Share Link

POST /recordings/{bot_id}/share

curl -X POST https://api.meetbot.dev/v1/recordings/1/share \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "expiresIn": "7d",
    "password": "optional-password",
    "includeTranscript": true
  }'

Request Body

Field	Type	Description
expiresIn	string	Expiration period: 1h, 24h, 7d, 30d, never
password	string	Optional password protection
includeTranscript	boolean	Include transcript in shared view (default: true)

Response

{
  "token": "abc123...",
  "url": "https://app.meetbot.dev/share/abc123...",
  "expiresAt": "2024-01-22T10:30:00Z",
  "hasPassword": true
}

Getting an Existing Share Link

GET /recordings/{bot_id}/share

curl https://api.meetbot.dev/v1/recordings/1/share \
  -H "Authorization: Bearer YOUR_API_KEY"

Returns the existing share link or null if none exists.

Deleting a Share Link

DELETE /recordings/{bot_id}/share

curl -X DELETE https://api.meetbot.dev/v1/recordings/1/share \
  -H "Authorization: Bearer YOUR_API_KEY"

Immediately revokes access for anyone with the link.

Accessing a Shared Recording

GET /share/{token}

This is a public endpoint (no authentication required).

# Without password
curl https://api.meetbot.dev/v1/share/abc123...

# With password
curl "https://api.meetbot.dev/v1/share/abc123...?password=secret"

Response

{
  "meetingTitle": "Team Standup",
  "platform": "google",
  "durationSeconds": 3600,
  "streamUrl": "https://storage.meetbot.dev/recordings/1/...",
  "transcript": {
    "fullText": "Hello everyone...",
    "segments": [
      {
        "start": 0.0,
        "end": 5.5,
        "text": "Hello everyone, let's get started.",
        "speaker": "John"
      }
    ],
    "speakers": [
      { "id": "SPEAKER_00", "totalTime": 1200 }
    ]
  },
  "createdAt": "2024-01-15T10:30:00Z"
}

Error Responses

Status	Description
401	Password required
403	Invalid password
404	Link not found
410	Link expired

Security

• Password hashing: Passwords are stored as bcrypt hashes
• Token entropy: Share tokens use secrets.token_urlsafe(32) (256 bits)
• Expiration: Links can be set to expire automatically
• Revocable: Delete the share link to immediately revoke access
• Access tracking: Every access increments the access counter

Best Practices

1. Set an expiration for sensitive recordings
2. Use passwords for confidential content
3. Monitor access counts in the dashboard
4. Delete links when no longer needed
5. Use HTTPS for the share URL in production