All Products
Search
Document Center

Check user consistency

Last Updated: Jul 06, 2021

In some cases, the business system has high-security requirements on data synchronization, namely, the target users of the push must be the current logon users and not fake. For that, the MSS provides user consistency verification, which can be turned on by the user when needed. The general principle of this function is:

  • The client reports user ID (userId) and authorization token (sessionId) when the client connects to the server. Both userId and sessionId are the data returned after the user logs on to the system. When userId and sessionId change, the relevant APIs need to be called to ensure that the persistent connection is established correctly.
  • The server calls a consistency verification interface implemented by the tenant, and the tenant checks the consistency through this interface. The data synchronization service records an identifier indicating whether the consistency requirement is met.
  • For synchronization configuration with high security requirements, the tenant can enable user consistency verification, and data is pushed only to devices of users who have passed the consistency verification. If user consistency verification is not enabled, the consistency verification results are ignored.

Configure user consistency verification interface

The following section describes how to configure the consistency validation interface com.antcloud.session.validate and explains the interface usage.

Note that after configuring the consistency verification interface in the mPaaS console, you need to disable the signature verification feature of this RPC. Otherwise, the logic of consistency verification for mobile synchronization will not work properly.

Operation path

After you log on to the mPaaS console, select the target App and choose Mobile Gateway Service > Manage API to add the API. For more information, see Mobile Gateway > Manage APIs.

API description

The operationType of the API to be added must be com.antcloud.session.validate. The request parameters are as follows:

Parameter Type and length Required Example Description
InstanceId String Required instancedemo String of workspaceId_appId
userId String Required 20880939 User ID.
sessionId String Required kkdddd Authorization token carried by the client.

Returned parameters

The data returned after implementing the consistency verification logic is in JSON format, as shown in the following example:

 
  1. {
  2. "response": {
  3. "resultCode": "OK",
  4. "resultMsg": "Operation is done successfully",
  5. "success": "true",
  6. "result": {
  7. "sid": "kkdddd",
  8. "valid":"true/false"
  9. }
  10. }
  11. }

Attribute description:

Parameter Data type Example Description
success boolean true/false The business call result. Valid values: true and false, where true indicates a successful call and false indicates a failed call. If the call fails, check the value of returnCode to locate the cause. For more information, see Result codes as follows .
returnCode String ERROR The result code.
resultMsg String SYSTEM-ERROR Result information.
sid String kkdddd The authorization token or sessionId.
valid boolean true/false Verification result.

Result codes

Result Result code Description
true OK Business call succeeded.
false OPERATION_ERROR The operation fails. Only the com.antcloud.session.validate API is called.