logo
On this page

Authentication


Overview

To avoid unauthorized service access or operations, ZEGOCLOUD uses digital Tokens to control and validate users' login privileges.

The validation process

Before you log in to a room, your app clients request Tokens from your app server and provide the Token for privilege validation when logging in to a room.

The following diagram shows the process of room login privilege validation:

Generate a Token

Warning

For business security, you must generate Tokens on your app server.

  1. Go to ZEGOCLOUD Admin Console, and do the following:

    • Create a project, get the AppID and AppSign.
    • Subscribe to the In-app Chat service.
  2. Use the token generator plug-in provided by ZEGOCLOUD to generate Tokens on your app server.

Take Go language as an example, you can do the following steps to generate a Token:

  1. go get github.com/ZEGOCLOUD/zego_server_assistant
  2. import "github.com/ZEGOCLOUD/zego_server_assistant/token/go/src/token04"
  3. Call the GenerateToken04 method to generate a Token.

The following code shows how to generate a user identity Token:

LanguageSupported versionCore functionCode baseSample code
User identity TokenUser privilege Token
GoGo 1.14.15 or laterGenerateToken04
C++C++ 11  or laterGenerateToken04
JavaJava 1.8  or latergenerateToken04
PythonPython 3.6.8  or latergenerate_token04
PHPPHP 7.0  or latergenerateToken04
.NET.NET Framework 3.5  or laterGenerateToken04
Node.jsNode.js 8  or latergenerateToken04
Untitled
var appId uint32 = <Your AppId>   // type: uint32
userId := <Your userID>  // type: string
secret := <ServerSecret>  // type: 32 byte length string
var effectiveTimeInSeconds int64 = <Your token effectiveTime> //type: int64; unit: s

token, err := zsa.GenerateToken04(appId, userId, secret, effectiveTimeInSeconds)
if err != nil {
    fmt.Println(err)
    return
}
fmt.Println(token)
1
Copied!

Use the Token

When logging in to a room, you need to pass the Token for validation. Otherwise, the login will fail.

Untitled
ZIMUserInfo *userInfo = [[ZIMUserInfo alloc] init];
userInfo.userID = @"YOUR_USER_ID";
userInfo.userName = @"YOUR_USER_NAME";

NSString *token = @"xxxxxxxx"; // Obtain the token from the server.

[zim loginWithUserInfo:userInfo token:token callback:^(ZIMError * _Nonnull errorInfo) {
        // Check whether the login is successful based on the `ZIMErrorCode`.
}];
1
Copied!

Renew the Token

In the 30 seconds before a Token expires, the SDK sends out a notification through the tokenWillExpire callback. (If the period of validity of the Token is less than 30 seconds after a successful room login, the callback triggers immediately. )

Upon receiving this callback, you need to get a new Token from your app server first, and then pass the new Token to the renewToken method.

Note

When the token expires and is not updated, the user will be disconnected and receive the connectionStateChanged callback, where the event is ZIMConnectionEventTokenExpired and the state is ZIMConnectionStateDisconnected.

Untitled
- (void)zim:(ZIM *)zim tokenWillExpire:(unsigned int)second {
    NSString *token = [MyToken getToken]; // Obtain a new token from the server.
    [self.zim renewToken:token callback:^(ZIMError * _Nonnull errorInfo) {
        // Check whether the token is updated successfully based on the `ZIMErrorCode`.
        ......
    }];
}
1
Copied!

Previous

ZIM upgrade guide

Next

Manage users