Authentication

In order to use the features of the Chat SDK in your client apps, a SendBird instance must be initiated in each client app through user authentication with Sendbird server. The instance communicates and interacts with the server using an authenticated user account, and is allowed to use the Chat SDK's features. This page explains how to authenticate your user with the server.

To use our chat features, you must initialize a SendBird instance by passing the APP_ID of your Sendbird application as an argument to a parameter in the SendBird.init() method. The SendBird.init() must be called once in the onCreate() method of Application instance of your client app.

// Initialize SendBird instance to use APIs in your app.
SendBird.init(APP_ID, getApplicationContext());

Note: The code above will be deprecated soon. Use the new code with or without local caching instead.

With local caching, two new parameters have been added to the SendBird.init() method, which are useLocalCaching and InitResultHandler(). The following will show how you can initialize the Chat SDK with or without local caching.

The useLocalCaching determines whether the client app will use the local storage through Sendbird Chat SDK or not. If you want to build a client app with our local caching functionalities, set the useLocalCaching to true.

The InitResultHandler() gets the initialization status through different event handlers. The onMigrationStarted() is called when there's a change in the local cache. Meanwhile, the onInitFailed() and onInitSucceeded() informs the client app whether the initialization is successful or not.

Note: If you are not using Local caching, the onMigrationStarted() and onInitFailed() in the InitResultHandler() won't be called.

If the onInitFailed() is called when you set the useLocalCaching to true, the SDK will operate normally and change the value of the useLocalCaching to false. If you still wish to use the local caching, clear the database using the SendBird.clearCachedData(getApplicationContext(), CompletionHandler); and try the SendBird.init() again with the useLocalCaching set to true.

Note: Under this circumstance, the SDK will automatically change the value to false. When the useLocalCaching is set to false, you can use all the local caching functionalities except offline write.

// Initialize with the useLocalCaching set to true.
SendBird.init(APP_ID, getApplicationContext(), true, new InitResultHandler() {
    @Override
    public void onMigrationStarted() {
        Log.i("Application", "Called when there's a change in the local cache.");
    }

    @Override
    public void onInitFailed(SendBirdException e) {
        Log.i("Application", "Called when initialize failed. SDK will still operate properly as if useLocalCaching is set to false.");
    }

    @Override
    public void onInitSucceed() {
        Log.i("Application", "Called when initialize is done.");
    }
});

By default, Sendbird server can authenticate a user just by a unique user ID. Then the server queries the database to check for a match upon the request for connection. If no matching user ID is found, the server creates a new user account with the user ID. The ID must be unique within a Sendbird application to be distinguished from others, such as a hashed email address or phone number in your service. This authentication procedure is useful when in development or if your service doesn't require additional security.

As local caching has been introduced in the Chat SDK, the connection codes may require the result of the InitResultHandler.

If you initialize the Chat SDK with local caching, you need to get a callback from the InitResultHandler in order to connect. When the user is confirmed without any error, the SDK will proceed to connect with Sendbird server.

When one of the error codes 400300, 400301, 400302, and 400310 returns, you should clear all user data cached in the local storage and then reconnect to Sendbird server. Except when these errors occur, the client app can still draw a channel list view and a chat view in the offline mode using locally cached data. The SDK will receive an user object through a callback and try to reconnect later on. When the connection is made, the ConnectionHandler.onReconnectSucceeded() will be called.

Note: The user object can be passed in a callback only when the client app has succeeded in making the connection with the same user ID in the past. Go to the Event handler page to learn more about the usages of the Chat SDK's handlers and callbacks.

For the Chat SDK that doesn't use local caching, the connection process remains the same. If the user has ever been connected and their data exists in the local storage, the SDK can be connected to Sendbird server.

When an error occurs, the SDK must attempt to reconnect again.

// When the useLocalCaching is set to true.
SendBird.connect(USER_ID, new SendBird.ConnectHandler() {
    @Override
    public void onConnected(User user, SendBirdException e) {
        if (user != null) {
            if (e != null) {
                // Proceed in offline mode with the data stored in the local database.
                // Later, connection will be made automatically
                // and can be notified through the ConnectionHandler.onReconnectSucceeded().
            } else {
                // Proceed in online mode.
            }
        } else {
            // Handle error.
        }
    }
});

Note: You must receive the result of the InitResultHandler() before calling the connect(). Any methods can be called once the user is connected to Sendbird server. Otherwise, an ERR_CONNECTION_REQUIRED (800101) error would return.

When a user logs in to a client app using the Chat SDK, you can choose how to authenticate a user. A user authentication can be done with just their own user ID, but also with either an access token or a session token. If any token is issued for a user, it must be provided to Sendbird server each time the user logs in by using the SendBird.connect() method.

Through our Chat Platform API, an access token can be generated when creating a user. You can also issue an access token for an existing user. Once an access token is issued, a user is required to provide the access token in the SendBird.connect() method which is used for logging in.

1. Using the Chat API, create a Sendbird user account with the information submitted when a user signs up or in to your service.
2. Save the user ID along with the issued access token to your persistent storage which is securely managed.
3. When the user attempts to log in to a client app, load the user ID and access token from the storage, and then pass them to the SendBird.connect() method.
4. Periodically replacing the user's access token is recommended to protect the account.

Note: Go to Settings > Application > Security > Access token permission on your dashboard to prevent users without an access token from logging in to your Sendbird application or restrict their access to read and write messages.

// The USER_ID below should be unique to your Sendbird application.
SendBird.connect(USER_ID, ACCESS_TOKEN, new SendBird.ConnectHandler() {
    @Override
    public void onConnected(User user, SendBirdException e) {
        if (e != null) {
            // Handle error.
        }

        // The user is authenticated using the access token and is connected to Sendbird server.
        ...
    }
});

// The USER_ID below should be unique to your Sendbird application.
SendBird.connect(userId, ACCESS_TOKEN, new SendBird.ConnectHandler() {
    @Override
    public void onConnected(User user, SendBirdException e) {
        if (user != null) {
            if (e != null) {
                // offline mode. connection will be made automatically.
                // The connection will be notified by ConnectionHandler.onReconnectSucceeded()
            } else {
                // online mode
            }
        } else {
            // Handle error.
        }
    }
});

You can also use a session token instead of an access token to authenticate a user. It's a more secure option because session tokens expire after a certain period whereas access tokens don't. Our Chat Platform API guide further explains about the difference between access token and session token, how to issue a session token, and how to revoke all session tokens.

When a user logs in to a client app using the Chat SDK, a user can be authenticated with a session token. If a user is authenticated with a session token, the Chat SDK connects the user to the Sendbird server and can send data requests to it for ten minutes as long as the session token hasn't expired or hasn't been revoked.

Upon the user's session expiration, the Chat SDK will refresh the session internally. However, if the session token has expired or has been revoked, the Chat SDK can't do so. In that case, the client app needs to implement a SessionHandler() instance to refresh the token and pass it back to the SDK so that it can refresh the session again.

Note: A SessionHandler() instance must be set before the server connection is requested.

The following code shows how to implement the handler.

SendBird.setSessionHandler(new SessionHandler() {
    @Override
    public void onSessionTokenRequired(final SessionTokenRequester sessionTokenRequester) {
        // A new session token is required in the SDK to refresh the session.
        // Refresh the session token and pass it onto the SDK through `sessionTokenRequester.onSuccess(NEW_TOKEN)`.
        // If you do not want to refresh the session, pass on a null value through `sessionTokenRequester.onSuccess(null)`.
        // If any error occurred while refreshing the token, let the SDK know about it through `sessionTokenRequester.onFail()`.
    }

    @Override
    public void onSessionClosed() {
        // The session refresh has been denied from the app.
        // Client app should guide the user to a login page to log in again.
    }

    @Override
    public void onSessionRefreshed() {
        // OPTIONAL. No action is required.
        // Called when the session is refreshed.
    }

    @Override
    public void onSessionError(SendBirdException sendbirdException) {
        // OPTIONAL. No action is required.
        // Called when an error occurred during the session refresh.
    }
});

// SendBird.connect() should be called after setting SessionHandler().

Disconnect a user from the Sendbird server when they no longer need to receive messages from an online state. This is equivalent to the logout behavior rather than disconnecting the socket. To disconnect the web socket only without clearing locally cached data, please refer to the new interface in v4, disconnect websocket only. However, unless the user unregisters the push token, the user will still receive push notifications for new messages from group channels they've joined.

When a client app is disconnected, all event handlers registered through SendBird.addChannelHandler() or SendBird.addConnectionHandler() stop receiving event callbacks from the server. Then, all internally cached data in the client app are flushed. This includes channels that are cached when the OpenChannel.getChannel() or GroupChannel.getChannel() is called, as well as locally cached channels and messages.

SendBird.disconnect(new SendBird.DisconnectHandler() {
    @Override
    public void onDisconnected() {
        // The current user is disconnected from the Sendbird server and all locally saved data are cleared.
        ...
    }
});

Using the updateCurrentUserInfo() method, you can update a user's nickname and profile image with a URL.

SendBird.updateCurrentUserInfo(NICKNAME, PROFILE_URL, new UserInfoUpdateHandler() {
    @Override
    public void onUpdated(SendBirdException e) {
        if (e != null) {
            // Handle error.
        }

        // The current user's profile is successfully updated.
        // You could redraw the profile in a view in response to this operation.
        ...
    }
});

Or, you can upload a profile image directly using updateCurrentUserInfoWithProfileImage().

SendBird.updateCurrentUserInfoWithProfileImage(NICKNAME, PROFILE_FILE, new UserInfoUpdateHandler() {
    @Override
    public void onUpdated(SendBirdException e) {
        if (e != null) {
            // Handle error.
        }

        // A new profile images is successfully uploaded to Sendbird server.
        // You could redraw the profile in a view in response to this operation.
        ...
    }
});

Note: A user's profile image can be a JPG (.jpg), JPEG (.jpeg), or PNG (.png) file of up to 5 MB.