Implement serverless-friendly Deepgram token generation.
This provides a secure, stateless way for clients to use Deepgram's
real-time streaming without exposing the main API key:
1. Client requests temporary token from Next.js API
2. Server generates short-lived (60s) token with 'member' scope
3. Client uses token to connect directly to Deepgram WebSocket
This architecture bypasses Vercel's serverless WebSocket limitations
while maintaining security by keeping the main Deepgram API key
server-side only.
Security:
- Main API key never exposed to client
- Temporary tokens expire in 60 seconds
- Minimal 'member' scope permissions
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Albert
393be3c46e