In some cases, the business system has high-security requirements on data synchronization, namely, the target users of the push must be the current logon users and not fake. For that, the MSS provides user consistency verification, which can be turned on by the user when needed. The general principle of this function is:
- The client reports user ID (userId) and authorization token (sessionId) when the client connects to the server. Both userId and sessionId are the data returned after the user logs on to the system. When userId and sessionId change, the relevant APIs need to be called to ensure that the persistent connection is established correctly.
- The server calls a consistency verification interface implemented by the tenant, and the tenant checks the consistency through this interface. The data synchronization service records an identifier indicating whether the consistency requirement is met.
- For synchronization configuration with high security requirements, the tenant can enable user consistency verification, and data is pushed only to devices of users who have passed the consistency verification. If user consistency verification is not enabled, the consistency verification results are ignored.
The following section describes how to configure the consistency validation interface
com.antcloud.session.validate and explains the interface usage.
Note that after configuring the consistency verification interface in the mPaaS console, you need to disable the signature verification feature of this RPC. Otherwise, the logic of consistency verification for mobile synchronization will not work properly.
After you log on to the mPaaS console, select the target App and choose Mobile Gateway Service > Manage API to add the API. For more information, see Mobile Gateway > Manage APIs.
operationType of the API to be added must be
com.antcloud.session.validate. The request parameters are as follows:
|Parameter||Type and length||Required||Example||Description|
|InstanceId||String||Required||instancedemo||String of workspaceId_appId|
|sessionId||String||Required||kkdddd||Authorization token carried by the client.|
The data returned after implementing the consistency verification logic is in JSON format, as shown in the following example:
"resultMsg": "Operation is done successfully",
|success||boolean||true/false||The business call result. Valid values:
|returnCode||String||ERROR||The result code.|
|sid||String||kkdddd||The authorization token or sessionId.|
|true||OK||Business call succeeded.|
|false||OPERATION_ERROR||The operation fails. Only the