On your backend, POST to /v1/realtime/client_secrets with your server-side API key (Authorization: Bearer YOUR_OPENAI_API_KEY) and a body specifying the model and any optional TTL; the response contains an encrypted ephemeral token — do not log or expose it.
Pass the ephemeral token to your browser or mobile client; do not ship your raw API key to the client.
From the client, create an RTCPeerConnection, gather an SDP offer, then POST that SDP offer to /v1/realtime/calls with the Authorization header set to Bearer <ephemeral_token> and Content-Type: application/sdp; the response body is the SDP answer.
Set the SDP answer as the remote description on the RTCPeerConnection and complete ICE negotiation to establish the audio/data channel.
Exchange Realtime API events (session.update, response.create, etc.) over the RTCDataChannel labelled oai-events to control the session.
Known gotchas
The beta endpoints /v1/realtime and /v1/realtime/sessions were removed on 2026-05-12; GA endpoints are /v1/realtime/calls (WebRTC SDP exchange) and /v1/realtime/client_secrets — update any pre-GA integrations.
Do not pass the model parameter again in the SDP POST — the encrypted token already encodes routing including model selection.
Remove the OpenAI-Beta: realtime=v1 header used in preview; it is not accepted by the GA interface and may cause request rejection.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp