Skip to main content
The Voice.ai Web SDK (@voice-ai-labs/web-sdk) provides a unified JavaScript/TypeScript interface for building voice-enabled web applications.

Installation

Source code: The SDK is open source on GitHub. View examples, report issues, or contribute.

Quick Start

Features

AreaDescription
Real-time VoiceConnect to voice agents with live transcription
Text-to-SpeechGenerate speech and manage voices
Agent ManagementCreate, update, deploy, and manage agents
Knowledge BaseManage RAG documents for your agents
Phone NumbersSearch and manage phone numbers
AnalyticsAccess call history, transcripts, and recordings
WebhooksReceive event notifications, inbound personalization requests, and callable tool invocations
SecurityBackend token exchange, endToken, CORS handling
Error HandlingConnection and API error handling

Real-time Voice

Connect to an Agent

connect() supports these top-level request shapes:
  • agentId for a saved agent
  • dynamicVariables for optional runtime variables passed at call start
  • agentOverrides for optional call-scoped runtime config overrides
  • testMode to preview paused agents before deploying
These map to the same public call-start contract documented in the API reference and the Agent Configuration guide.

Events

Each handler returns a function to unsubscribe: const stop = voiceai.onTranscription(...); stop();

Microphone Control

Send Text Message

Disconnect

Status (read-only)

Text-to-Speech

The TTS API provides speech generation and voice management.

Generate Speech

Managed pronunciation dictionaries can be attached to direct TTS requests and saved agent configs with:

Voice Management

Pronunciation Dictionaries


Agent Management

Outbound access control: POST /api/v1/calls/outbound is restricted to approved accounts. If you need outbound enabled for your account/workspace, please contact Voice.ai support.
Update behavior: voiceai.agents.update() is a partial update. Omit a field to leave it unchanged. For nullable scalar fields like prompt, greeting, phone_number, or nested tts_params fields, pass null to clear the current value. See section-specific notes below for webhook clearing behavior.
Recording: config.recording_enabled defaults to true for new agents. Set it to false to disable recording for future calls.

Dynamic Variables

Pass optional dynamic_variables at call start and reference them in your prompt or greeting with {{variable_name}}:
  • dynamic_variables must be a flat object of string, number, or boolean values.
  • Extra variables are allowed.
  • Variables that are not referenced by the runtime prompt or greeting are ignored.
  • The runtime is responsible for interpolating these variables into the prompt and greeting.
  • If the same placeholder appears multiple times, the same runtime value is used for every occurrence.
See Agent Configuration, Webhooks, and the API reference for the matching public contract.

Runtime Agent Overrides

Pass optional agentOverrides at call start when you need a call-scoped config patch rather than prompt interpolation:
  • agentOverrides is separate from dynamicVariables.
  • dynamicVariables is for prompt and greeting interpolation.
  • agentOverrides is for allowlisted runtime config changes.
  • v1 supports only tts_params.voice_id, temperature, top_p, dictionary_id, and dictionary_version.
  • TTS model and language are agent configuration fields, not per-call runtime override fields.
  • agentOverrides uses the same nested shape as agent config, so voice overrides live under tts_params.

Knowledge Base


Phone Numbers


Analytics


Webhooks

Configure webhooks when creating or updating an agent. For backend payload details and signing guidance, see the dedicated Webhooks guide. webhooks.events[], webhooks.inbound_call, and webhooks.tools use different contracts:
  • webhooks.events[] supports secret (write-only on create/update) and has_secret (read-only on fetch), with fan-out across enabled endpoints.
  • webhooks.inbound_call supports secret (write-only on create/update) and has_secret (read-only on fetch).
  • webhooks.tools define outbound API calls and do not use secret.

Configure Webhook Events and Tools

Webhook configuration requiredness

  • webhooks.events[]
    • Required: url
    • Optional: secret, events, timeout (default 5), enabled (default true)
    • On update: omit webhooks.events to preserve the current list, set webhooks.events: null to clear it, or pass a full array to replace it
    • Within a replacement array: omitted secret values are preserved only for entries whose url exactly matches an existing endpoint, secret: null clears that endpoint’s signing secret, duplicate URLs are invalid, and events: [] means that endpoint receives all event types
  • webhooks.inbound_call
    • Required: url
    • Optional: secret, timeout (default 5), enabled (default true)
    • On update: omit inbound_call to preserve it, set inbound_call: null to remove it, and set secret: null to clear only the signing secret
  • webhooks.tools
    • Required per tool: name, description, parameters, url, method, execution_mode, auth_type
    • Optional per tool: auth_token, headers, response, timeout (default 10)
    • On update: omit tools to leave the current tool list unchanged, set tools: null to clear all tools, or pass a new array to replace the current list
If a field is optional and omitted, the service uses the documented default. Prefer omitting optional fields instead of sending null unless you explicitly intend to clear behavior in a supported way.

Event Types

EventDescription
call.startedCall connected, agent ready
call.completedCall ended, includes transcript and usage data
call.failedCall initiation was blocked before call.started

Event Webhook Payload

Your event webhook URL receives POST requests with this structure:

Webhook Tool Request Shape

For webhook tools, Voice.ai makes outbound HTTP requests directly to each tool url.
  • method: 'GET': tool arguments are sent as query parameters.
  • method: 'POST' | 'PUT' | 'PATCH' | 'DELETE': tool arguments are sent as JSON body.
  • Metadata headers are always sent:
    • X-VoiceAI-Request-Id
    • X-VoiceAI-Tool-Name
    • X-VoiceAI-Agent-Id
    • X-VoiceAI-Call-Id

Webhook Tool Authentication

  • auth_type: 'none': no auth headers added.
  • auth_type: 'bearer_token': sends Authorization: Bearer <auth_token>.
  • auth_type: 'api_key': sends X-API-Key: <auth_token>.
  • auth_type: 'custom_headers': sends your configured headers map.

Webhook Tool Response Behavior

  • execution_mode: 'sync': waits for downstream response body; non-2xx fails the tool call.
  • execution_mode: 'async': treats any 2xx as accepted and does not require a response payload.

Signature Verification (Event Webhooks)

If you configure webhooks.events[].secret, verify the HMAC-SHA256 signature:

Inbound Call Webhook Payload

If you configure webhooks.inbound_call, Voice.ai sends inbound call personalization requests with this shape:
Your endpoint should respond with:
If you configure webhooks.inbound_call.secret, verify the HMAC-SHA256 signature using the same X-Webhook-Timestamp and X-Webhook-Signature headers shown above for event webhooks. Use inbound_call for personalization only. It is not a routing hook. It may run before call validation, so call initiation can still fail afterward. Subscribe to call.failed event webhooks to notify your backend when a phone call is blocked before call.started. See the Webhooks guide for request examples and HMAC verification details.

Security

connect() fetches connection details and connects in one call. To keep your API key off the browser, split into two steps:
Important: Pass endToken from your backend to the frontend. The SDK uses it on disconnect() to free the concurrency slot immediately. REST methods (agents.*, tts.*, analytics.*, etc.) require an API key and are CORS-blocked from browsers.

Error Handling

Connection errors

The connect() method throws an Error if connection fails. Common error cases:
Call initiation validation failures use the public code CALL_VALIDATION_FAILED and include a structured reason such as insufficient_credits, subscription_inactive, or max_concurrent_calls_exceeded. For phone calls, subscribe to call.failed event webhooks because the caller does not receive a spoken failure reason. Errors are also emitted via onError and reflected in onStatusChange:

REST API errors (agents, TTS, analytics, etc.)

REST methods throw VoiceAIError:

TypeScript

Full TypeScript support. Exported types:

Browser Support

Chrome, Firefox, Safari (latest versions). Requires microphone permission for voice features.