Using the REST API
Create or delete Whereby rooms programmatically using a simple API request. Rooms can be created on demand, or ahead of time for scheduled meetings.
Note: To use the API, you’ll need to create an API key. A new key is generated from the “Configure” section in the Embedded dashboard. Your API key is secret and should only be used from your server.

Creating rooms

Once you have secured your API key, you can create a room by sending an HTTP request with the necessary parameters in the body. Available parameters and formats can be found in the API reference. Some features like the URL pattern of the room name and room size (roomMode) can only be set during the meetings creation.
endDate is interpreted as UTC by default, but other time zones are supported by including an offset in hours and minutes. For example, Eastern Standard Time (EST) would be expressed as 2099-08-11T07:56:01-05:00.
Rooms are fully functional from the time they are created.
curl \
--header "Authorization: Bearer $YOUR_API_KEY" \
--header "Content-Type: application/json" \
--request POST \
--data @- << EOF
"endDate": "2099-02-18T14:23:00.000Z",
"fields": ["hostRoomUrl"]
$api_key = "YOUR_API_KEY";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, '');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, '{
"endDate": "2099-02-18T14:23:00.000Z",
"fields": ["hostRoomUrl"]}'
$headers = [
'Authorization: Bearer ' . $api_key,
'Content-Type: application/json'
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$response = curl_exec($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
echo "Status code: $httpcode\n";
$data = json_decode($response);
echo "Room URL: ", $data->{'roomUrl'}, "\n";
echo "Host room URL: ", $data->{'hostRoomUrl'}, "\n";
const fetch = require("cross-fetch");
const data = {
endDate: "2099-02-18T14:23:00.000Z",
fields: ["hostRoomUrl"],
function getResponse() {
return fetch("", {
method: "POST",
headers: {
Authorization: `Bearer ${API_KEY}`,
"Content-Type": "application/json",
body: JSON.stringify(data),
getResponse().then(async res => {
console.log("Status code:", res.status);
const data = await res.json();
console.log("Room URL:", data.roomUrl);
console.log("Host room URL:", data.hostRoomUrl);
import requests
import json
data = {
"endDate": "2099-02-18T14:23:00.000Z",
"fields": ["hostRoomUrl"],
headers = {
"Authorization": f"Bearer {API_KEY}",
"Content-Type": "application/json",
response =
print("Status code:", response.status_code)
data = json.loads(response.text)
print("Room URL:", data["roomUrl"])
print("Host room URL:", data["hostRoomUrl"])p
import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.Collections;
import java.util.Map;
var apiKey = "YOUR_API_KEY";
var data = Map.of(
"endDate", "2099-02-18T14:23:00.000Z",
"fields", Collections.singletonList("hostRoomUrl")
var request = HttpRequest.newBuilder(
.header("Authorization", "Bearer " + apiKey)
.header("Content-Type", "application/json")
.POST(HttpRequest.BodyPublishers.ofString(new ObjectMapper().writeValueAsString(data)))
var response = HttpClient.newHttpClient().send(request, BodyHandlers.ofString());
System.out.println("Status code: " + response.statusCode());
System.out.println("Body: " + response.body());
201 Response: Success
"meetingId": "1",
"startDate": "2022-02-17T14:24:00.000Z",
"endDate": "2099-02-18T14:23:00.000Z",
"roomUrl": "",
"hostRoomUrl": ""
401 response: API key missing or invalid

Deleting rooms

For many scenarios, it makes sense to create rooms to be used for a limited time or even just a single meeting, after which the rooms should be deactivated. With each room having a unique URL and a limited lifespan, there's no need to worry about meetings conflicting or rooms being used for other purposes after the intended session.
When creating a room using the API, the endDate parameter is used to indicate the time at which the room should be marked for deactivation. The room will then automatically be deleted within 24 hours of the endDate provided. Webhook events and hostRoomURL privileges will also end an hour after the endDate is met.
You can also delete a room at any time using the API as described in the API reference.