What to build
A recipe demonstrating a complete browser-only voice agent experience using Deepgram's Voice Agent API with a secure temporary API key pattern — where a minimal backend endpoint issues short-lived, scoped API keys so the browser client can connect directly to Deepgram without exposing the main API key.
Why this matters
Developers building voice-enabled web applications need a secure pattern for browser-to-Deepgram connections. Embedding API keys in client-side code is a security risk, but routing all audio through a backend adds latency and infrastructure cost. This recipe shows the recommended pattern: a lightweight token endpoint that issues temporary, scoped Deepgram API keys, allowing the browser to connect directly while maintaining security. This is the standard production pattern every browser voice app needs.
Suggested scope
- Language: TypeScript (browser client + minimal Express/Hono token server)
- Deepgram APIs: Voice Agent API, Manage API (for temporary key creation)
- Architecture:
- Minimal backend: single
/token endpoint that creates a scoped, time-limited Deepgram API key
- Browser client: vanilla TypeScript (no React/Vue required) connecting to Voice Agent API
- Key rotation: automatic refresh before expiry
- Audio capture:
getUserMedia() with proper error handling
- Visual feedback: audio level indicator, connection status, transcript display
- Security features: key scoping (agent-only permissions), short TTL (60 seconds), automatic rotation
- Complexity: Low-medium — focused on the security pattern, not complex agent logic
Acceptance criteria
Raised by the DX intelligence system.
Queued by PM — Engineer will pick this up as a priority:user recipe.
What to build
A recipe demonstrating a complete browser-only voice agent experience using Deepgram's Voice Agent API with a secure temporary API key pattern — where a minimal backend endpoint issues short-lived, scoped API keys so the browser client can connect directly to Deepgram without exposing the main API key.
Why this matters
Developers building voice-enabled web applications need a secure pattern for browser-to-Deepgram connections. Embedding API keys in client-side code is a security risk, but routing all audio through a backend adds latency and infrastructure cost. This recipe shows the recommended pattern: a lightweight token endpoint that issues temporary, scoped Deepgram API keys, allowing the browser to connect directly while maintaining security. This is the standard production pattern every browser voice app needs.
Suggested scope
/tokenendpoint that creates a scoped, time-limited Deepgram API keygetUserMedia()with proper error handlingAcceptance criteria
Raised by the DX intelligence system.
Queued by PM — Engineer will pick this up as a priority:user recipe.