Authentication

In order to use the Chat SDK features in your client app, an SBDMain instance should be initiated in each client app through user authentication with the Sendbird server. The instance communicates and interacts with the server using an authenticated user account, and is allowed to use the Chat SDK features.

To use our chat features, you should initialize an SBDMain instance by passing the APP_ID of your Sendbird application to the SBDMain::Init(). The SBDMain::Init() must be called once across your client app. Typically, initialization is implemented in the user login screen.

// Initialize SBDMain instance to use APIs in your app.
SBDMain::Init(APP_ID);

By default, the Sendbird server can authenticate a user with a unique user ID. The server queries the database to check for a match upon the request for connection. If no matching user ID is found, the server creates a new user account with the user ID. The ID should be unique within a Sendbird application to be distinguished from others, such as a hashed email address or a phone number.

Note: Go to the Event handler page to learn more about the usages of the Chat SDK's handlers and callbacks.

SBDMain::Connect(USER_ID, SBD_NULL_WSTRING, [](SBDUser* user, SBDError* error) {
    if (error != nullptr) {
        // Handle error.
        return;
    }

    // The user is connected to the Sendbird server.
});

When a user logs in to a client app using the Chat SDK, you can choose how to authenticate a user. A user authentication can be done with just their own user ID, but also with either an access token or a session token. If a token is issued for a user, it must be provided to the Sendbird server every time the user logs in using the SBDMain::Connect() method.

Through our Chat Platform API, an access token can be generated when creating a user. You can also issues an access token for an existing user. Once an access token is issued, a user is required to provide the access token in the SBDMain::Connect() method which is used for logging in.

1. Using the Chat API, create a Sendbird user account with the information submitted when a user signs up or in to your service.
2. Save the user ID along with the issued access token to your persistent storage which is securely managed.
3. When the user attempts to sign in to the Sendbird application, load the user ID and access token from the storage, and then pass them to the SBDMain::Connect() method.
4. Periodically replacing the user's access token is recommended to protect the account.

Note: Go to Settings > Application > Security > Access token permission on your dashboard to prevent users without an access token from logging in to your Sendbird application or restrict their access to read and write messages.

SBDMain::Connect(USER_ID, ACCESS_TOKEN, [](SBDUser* user, SBDError* error) {
    if (error != nullptr) {
        // Handle error.
        return;
    }

    // The user is authenticated using the access token and is connected to the Sendbird server.
});

You can also use a session token instead of an access token to authenticate a user. This is a more secure option because session tokens expire after a certain period whereas access tokens don't. Refer to the Chat API guide that further explains about the difference between access token and session token, how to issue a session token, and how to revoke all session tokens.

A user should be disconnected from the Sendbird server when they no longer need to receive messages from an online state.

When disconnected from the server, it flushes all internally cached data, such as the cached channels from calling the SBDOpenChannel::GetChannel() or SBDOpenChannel::GetChannel() method.

Note: By default, most of the data related to users, channels, and messages are internally cached in the SBDMain instance of a user's client app, which are retrieved by the corresponding query instances or received through the event handlers.

SBDMain::Disconnect([]() {
    // The current user is disconnected from the Sendbird server.
});