Skip to content
Start here

MoQ

MoQRelays

List relays
GET/accounts/{account_id}/moq/relays
Get a relay
GET/accounts/{account_id}/moq/relays/{relay_id}
Create a relay
POST/accounts/{account_id}/moq/relays
Update a relay
PUT/accounts/{account_id}/moq/relays/{relay_id}
Delete a relay
DELETE/accounts/{account_id}/moq/relays/{relay_id}
ModelsExpand Collapse
RelayListResponse object { created, modified, name, uid }

Abbreviated relay for list responses.

created: string
formatdate-time
modified: string
formatdate-time
name: string
uid: string
RelayGetResponse object { config, created, modified, 3 more }

Full relay details (no tokens).

config: object { upstreams }
upstreams: optional object { enabled, upstreams }

Upstreams are external MOQT server publishers that a relay falls back to when it has no local publisher for a requested namespace/track.

enabled: optional boolean
upstreams: optional array of object { url }

Ordered list of upstream MOQT server publishers. Each entry is an object (not a bare string) so per-upstream configuration can be added in the future without another breaking change.

url: optional string

Upstream MOQT server publisher URL.

created: string
formatdate-time
modified: string
formatdate-time
name: string
uid: string
status: optional "connected"

“connected” when active, omitted otherwise.

RelayCreateResponse object { config, created, issuers, 3 more }

Relay with its auto-created default token pair (one full-access [publish, subscribe] and one [subscribe]-only), each with its one-time secret, wrapped in the issuers envelope.

config: object { upstreams }
upstreams: optional object { enabled, upstreams }

Upstreams are external MOQT server publishers that a relay falls back to when it has no local publisher for a requested namespace/track.

enabled: optional boolean
upstreams: optional array of object { url }

Ordered list of upstream MOQT server publishers. Each entry is an object (not a bare string) so per-upstream configuration can be added in the future without another breaking change.

url: optional string

Upstream MOQT server publisher URL.

created: string
formatdate-time
issuers: array of object { cloudflare_tokens, issuer, type }

Token collection (discriminated union on type). On create this holds the auto-created default pair, each including its one-time secret.

cloudflare_tokens: array of object { created, expires, jti, 3 more }

Always present ([] when empty).

created: string
formatdate-time
expires: string

Mandatory; no more than 1 year after created.

formatdate-time
jti: string

Token identity and registry key (32 hex chars).

operations: array of "publish" or "subscribe"

Signed allowlist of what the token may do. V1 coarse roles; the array form extends to fine-grained MoQT message names later without a breaking change.

One of the following:
"publish"
"subscribe"
label: optional string

Optional, customer-set.

secret: optional string

The signed JWT. Present ONLY in create / auto-create responses (shown once); never returned by list, never stored.

issuer: "cloudflare"
type: "cloudflare_jwt"
modified: string
formatdate-time
name: string
uid: string

Server-generated unique identifier (32 hex chars).

RelayUpdateResponse object { config, created, modified, 3 more }

Full relay details (no tokens).

config: object { upstreams }
upstreams: optional object { enabled, upstreams }

Upstreams are external MOQT server publishers that a relay falls back to when it has no local publisher for a requested namespace/track.

enabled: optional boolean
upstreams: optional array of object { url }

Ordered list of upstream MOQT server publishers. Each entry is an object (not a bare string) so per-upstream configuration can be added in the future without another breaking change.

url: optional string

Upstream MOQT server publisher URL.

created: string
formatdate-time
modified: string
formatdate-time
name: string
uid: string
status: optional "connected"

“connected” when active, omitted otherwise.

RelayDeleteResponse = unknown

MoQRelaysTokens

Create a token
POST/accounts/{account_id}/moq/relays/{relay_id}/tokens
List tokens
GET/accounts/{account_id}/moq/relays/{relay_id}/tokens
Revoke a token
DELETE/accounts/{account_id}/moq/relays/{relay_id}/tokens/{jti}
ModelsExpand Collapse
TokenCreateResponse object { issuers }

A relay’s token collection, keyed on issuer type (a discriminated union). V1 ships exactly one arm (cloudflare_jwt). Clients iterate issuers, switch on type, and ignore unknown types — that contract is what makes adding or removing an arm non-breaking.

issuers: array of object { cloudflare_tokens, issuer, type }
cloudflare_tokens: array of object { created, expires, jti, 3 more }

Always present ([] when empty).

created: string
formatdate-time
expires: string

Mandatory; no more than 1 year after created.

formatdate-time
jti: string

Token identity and registry key (32 hex chars).

operations: array of "publish" or "subscribe"

Signed allowlist of what the token may do. V1 coarse roles; the array form extends to fine-grained MoQT message names later without a breaking change.

One of the following:
"publish"
"subscribe"
label: optional string

Optional, customer-set.

secret: optional string

The signed JWT. Present ONLY in create / auto-create responses (shown once); never returned by list, never stored.

issuer: "cloudflare"
type: "cloudflare_jwt"
TokenListResponse object { issuers }

A relay’s token collection, keyed on issuer type (a discriminated union). V1 ships exactly one arm (cloudflare_jwt). Clients iterate issuers, switch on type, and ignore unknown types — that contract is what makes adding or removing an arm non-breaking.

issuers: array of object { cloudflare_tokens, issuer, type }
cloudflare_tokens: array of object { created, expires, jti, 3 more }

Always present ([] when empty).

created: string
formatdate-time
expires: string

Mandatory; no more than 1 year after created.

formatdate-time
jti: string

Token identity and registry key (32 hex chars).

operations: array of "publish" or "subscribe"

Signed allowlist of what the token may do. V1 coarse roles; the array form extends to fine-grained MoQT message names later without a breaking change.

One of the following:
"publish"
"subscribe"
label: optional string

Optional, customer-set.

secret: optional string

The signed JWT. Present ONLY in create / auto-create responses (shown once); never returned by list, never stored.

issuer: "cloudflare"
type: "cloudflare_jwt"
TokenDeleteResponse object { errors, messages, success }
errors: array of object { code, message }
code: optional number
message: optional string
messages: array of object { code, message }
code: optional number
message: optional string
success: boolean