Integrate Bunch meeting links into your application
Use Bunch API keys to create short-lived meeting join links for your users. This guide covers setup, authentication, request and response formats, implementation examples, error handling, and production rollout guidance for web apps, mobile apps, internal tools, and backend services.
Base application URL
https://www.bunch.community
Meeting domain
https://meet.bunch.community
Primary integration endpoint
POST /api/jwt
Authentication
Bearer API key or x-api-key header
Integration overview
Your backend sends Bunch a room name and user details. Bunch validates the API key, issues a signed JWT, and returns a secure join URL that opens the branded Bunch Meet experience for that user.
- Create an API key from the Bunch dashboard.
- Store the raw key securely in your application backend or secrets manager.
- Call
POST /api/jwtwhenever you want to create a meeting join link. - Redirect the user to the returned
joinUrlor open it in your app shell.
Create an API key
In Bunch, go to Dashboard → API keys and create a key for the system or product surface that will request meeting links.
- Name the key after the integration that will use it, such as `mobile-app` or `crm-backend`.
- Copy the raw key immediately after creation. It is only shown once.
- Store the raw key in your secrets manager, environment variables, or backend config.
- Do not embed API keys directly in browser code or ship them in mobile apps.
Authentication
Bunch supports two authentication styles for the JWT endpoint. Use one of the following on every request:
Create a meeting JWT
Use the endpoint below whenever you want to generate a secure meeting join URL for an external user or an authenticated user in your own application.
Request body
| Field | Type | Required | Description |
|---|---|---|---|
| roomName | string | Yes | Meeting room slug. Must be between 1 and 200 characters. |
| userName | string | Yes | Display name shown inside the meeting UI. |
| userEmail | string | No | Optional participant email for context and downstream workflows. |
| userAvatar | string | No | Optional absolute URL for the participant avatar image. |
| moderator | boolean | No | Defaults to false. Set to true when the participant should join as moderator. |
Example request
{
"roomName": "team-standup",
"userName": "Constance Oshafi",
"userEmail": "constance@example.com",
"userAvatar": "https://example.com/avatar.png",
"moderator": true
}Success response
{
"joinUrl": "https://meet.bunch.community/team-standup?jwt=eyJ...",
"roomName": "team-standup",
"jwt": "eyJ...",
"expiresIn": 7200
}cURL example
curl -X POST "https://www.bunch.community/api/jwt" \
-H "Authorization: Bearer YOUR_BUNCH_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"roomName": "team-standup",
"userName": "Constance Oshafi",
"userEmail": "constance@example.com",
"moderator": true
}'JavaScript example
const response = await fetch("https://www.bunch.community/api/jwt", {
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${process.env.BUNCH_API_KEY}`,
},
body: JSON.stringify({
roomName: "team-standup",
userName: "Constance Oshafi",
userEmail: "constance@example.com",
moderator: true,
}),
});
const data = await response.json();
if (!response.ok) {
throw new Error(data.error || "Failed to create Bunch meeting link");
}
return data.joinUrl;Error handling
| Status | Meaning | Typical cause | What to do |
|---|---|---|---|
| 400 | Bad Request | Missing fields, invalid email, invalid avatar URL, or malformed JSON. | Validate payloads before sending and log the response body during integration. |
| 401 | Unauthorized | Missing API key or invalid API key. | Confirm your key is present, active, and sent using Bearer auth or x-api-key. |
| 500 | Server misconfiguration | Required server configuration is missing on the Bunch side. | Retry later and contact the Bunch team if the error persists. |
Session-based web app flow
If your users are already logged into Bunch directly, the web app also exposes a session-based endpoint:
POST /api/meetings/join
This endpoint uses the logged-in Bunch session instead of an API key and returns a meeting join URL for the authenticated user.
Recommended production practices
- Generate join links from your backend, not from public frontend code.
- Rotate API keys when team ownership changes or if a key is exposed.
- Log request failures with response status and body for troubleshooting.
- Treat the returned JWT and join URL as sensitive, short-lived credentials.
- Use room naming conventions that map cleanly to your own meetings or records.
Frequently asked questions
How long are Bunch JWTs valid?
The current integration response returns expiresIn: 7200, which is a 2-hour lifetime.
Can I embed the returned meeting link?
You can redirect users to the joinUrl directly or open it inside an approved app shell or WebView, depending on your product architecture.
Can I create separate keys per integration?
Yes. That is the recommended approach so you can rotate or revoke one integration without affecting others.
Start integrating Bunch
Create an API key, connect your backend, and start returning branded meeting links from your own product flows.