All Products
Search
Document Center

Mobile Platform as a Service:Check user consistency

Last Updated:Aug 01, 2023

In some cases, the business system has high-security requirements on data synchronization, namely, the target users of the push must be the current logon users and not fake. For that, the MSS provides user consistency verification, which can be turned on by the user when needed. The general principle of this function is:

In some cases, the business system has high-security requirements on data synchronization, namely, the target users of the push must be the current logon users and not fake. For that, the MSS provides user consistency verification, which can be turned on by the user when needed. The general principle of this function is:

  • The client reports user ID (userId) and authorization token (sessionId) when the client connects to the server. Both userId and sessionId are the data returned after the user logs on to the system. When userId and sessionId change, the relevant APIs need to be called to ensure that the persistent connection is established correctly.

  • The server calls a consistency verification interface implemented by the tenant, and the tenant checks the consistency through this interface. The data synchronization service records an identifier indicating whether the consistency requirement is met.

  • For synchronization configuration with high security requirements, the tenant can enable user consistency verification, and data is pushed only to devices of users who have passed the consistency verification. If user consistency verification is not enabled, the consistency verification results are ignored.

Configure user consistency verification interface

The following section describes how to configure the consistency validation interface com.antcloud.session.validate and explains the interface usage.

Note that after configuring the consistency verification interface in the mPaaS console, you need to disable the signature verification feature of this RPC. Otherwise, the logic of consistency verification for mobile synchronization will not work properly.

Operation path

After you log on to the mPaaS console, select the target App and choose Mobile Gateway Service > Manage API to add the API. For more information, see Mobile Gateway > Manage APIs.

API description

The operationType of the API to be added must be com.antcloud.session.validate. The request parameters are as follows:

Parameter

Type and length

Required

Example

Description

InstanceId

String

Required

instancedemo

String of workspaceId_appId

userId

String

Required

20880939

User ID.

sessionId

String

Required

kkdddd

Authorization token carried by the client.

Returned parameters

The data returned after implementing the consistency verification logic is in JSON format, as shown in the following example:

{
        "resultCode": "OK",
        "resultMsg": "Operation is done successfully",
        "success": true,
        "result": { 
            "sid": "kkdddd",
            "valid":true/false
        } 
}

Attribute description:

Parameter

Data type

Example

Description

success

boolean

true/false

The business call result. Valid values: true and false, where true indicates a successful call and false indicates a failed call. If the call fails, check the value of returnCode to locate the cause. For more information, see Result codes as follows .

returnCode

String

ERROR

The result code.

resultMsg

String

SYSTEM-ERROR

Result information.

sid

String

kkdddd

The authorization token or sessionId.

valid

boolean

true/false

Verification result.

Result codes

Result

Result code

Description

true

OK

Business call succeeded.

false

OPERATION_ERROR

The operation fails. Only the com.antcloud.session.validate API is called.