# Tokens With tokens you can control user's access to the room. You can set properties like user's role, username and avatar. Highly recommended is to set a token validity interval, so the token is valid only for a period of time when the meeting will be conducted - see the **exp** (expires) and **nbf** (not-before) in the full [properties](/reference/rest-api/tokens/properties.md) list. Tokens are obligatory for **private** rooms, and they are also needed in **public** rooms if you have more than one role in the room and need to specify with which role should the user enter. {% hint style="info" %} **Private** room means no one can enter the room without a token. They are much more secure than public rooms. **Public** room means everyone who knows the URL of the room can enter inside. We highly recommend to use **private** rooms for sensitive meetings. On the other hand **public** rooms could be easier to start with and be useful if you don't need high security or if you are just trying out the app. {% endhint %} Tokens are using the highly popular [JWT](https://jwt.io/) standard (JSON Web Tokens). You will be [creating and signing ](/reference/rest-api/tokens/create.md)the tokens in the backend using your team **developer key** which can be found in the [dashboard](https://dashboard.digitalsamba.com/team). {% hint style="danger" %} Tokens should never be generated in client-facing code like frontends, because your secret developer key will become publicly visible. \ \ Tokens are cryptographically signed data, NOT encrypted. Do not put information which should not be seen by the users into the tokens. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.digitalsamba.com/reference/rest-api/tokens.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.