DocumentationServer APICode SamplesSDK Downloads ↗
quickblox.com ↗Support ↗Log In ↗

Authentication

Learn how to authenticate your users with QuickBlox.

Suggest Edits

Every user needs to authenticate with QuickBlox before using any QuickBlox functionality. When someone connects with an application using QuickBlox, the application needs to obtain a session token which provides temporary secure access to QuickBlox APIs. A session token is an opaque string that identifies a user and an application.

Visit our Key Concepts page to get an overall understanding of the most important QuickBlox concepts.

Before you begin

  1. Register a QuickBlox account. This is a matter of a few minutes and you will be able to use this account to build your apps.
  2. Configure QuickBlox SDK for your app. Check out our Setup page for more details.

Session token rights

There are different types of session tokens to support different use cases.

Application session token

Description

Application session token

This kind of access token is needed to read the app data. Has only READ access to resources. The expiration time after the last REST API request is 2 hours.

User session token

The user token is the most commonly used type of token. This kind of access token is needed any time the app calls an API to read, modify or write a specific user's data on their behalf. Has READ/WRITE access to resources. The expiration time after the last REST API request is 2 hours.

Get session

You can check whether you have a session or not.

QB.auth
  .getSession()
  .then(function (session) {
    // handle session
  })
  .catch(function (e) {
    // something went wrong
  });

Log in user

If you have an application session, you can upgrade it to a user session by calling login() method.

const loginParams = {
  login: 'yourlogin',
  password: 'yourpassword'
};

QB.auth
  .login(loginParams)
  .then(function (info) {
    // signed in successfully, handle info as necessary
    // info.user - user information
    // info.session - current session
  })
  .catch(function (e) {
    // handle error
  });

Log out user

If you have a user session, you can downgrade it to an application session by calling logout() method.

QB.auth
  .logout()
  .then(function () {
    // signed out successfully
  })
  .catch(function (e) {
    // handle error
  });

Set existing session

Typically, a session token is stored in SDK after successful login and used for every subsequent API call. However, you may want to obtain and store the session on your server for better security. In this case, you can set the existing session token into SDK using the setSession() method.

const session = {
  applicationId: 76730,
  token: "8b75a6c7191285499d890a81df4ee7fe49bc732a",
  userId: 96752798,
};

QB.auth
  .setSession(session)
  .then((result) => {})
  .catch((error) => {});

The setSession() method accepts one argument of the object type that has the following fields:

Field

Required

Description

applicationId

yes

Application ID.

token

yes

QuickBlox session token.

userId

yes

User ID.

🚧

You must call the init() method before calling the setSession() method. If you attempt to call the method without initializing SDK previously, the error will be returned.

Updated 3 months ago

What’s Next
Did this page help you?