logo
ConsoleSign Up
FAQ
Overview
On this page

What are the Token authentication methods for Express SDK, and how should they be used?

2023-12-11
Products / Plugins:Video Call / Audio Call / Live streaming
Platform / Framework:iOS / Android / macOS / Windows

Introduction

Express SDK's Token authentication is divided into Basic Authentication Token and Permission Authentication Token. Developers can choose the appropriate authentication method based on their business scenarios.

Authentication refers to verifying whether a user has the permission to access the system to avoid security risks caused by missing permission control or improper operations. ZEGO authenticates users through Token (including Basic Authentication Token and Permission Authentication Token).

Authentication MethodDescriptionApplication Scenario
Basic Authentication TokenDevelopers must bring the Token parameter when logging into a room to verify the legitimacy of the user.Basic Authentication Token is the basic capability of Token, used for simple permission verification scenarios in business. In most cases, generating this Token is sufficient.
Permission Authentication TokenTo further improve security, two permission bits for room ID and stream publishing ID have been opened, which can verify the room ID and stream publishing ID for room login.The general use cases for room ID and stream publishing ID permission bits are as follows:
  • There is a distinction between regular rooms and member rooms, and you need to control non-member users from logging into member rooms.
  • In voice chat rooms or show live streaming, you need to control the consistency between stream publishing users and users on the mic to prevent "ghost mic" phenomena, that is, hearing the voice of non-mic users in the room.
  • In speech games like Werewolf, you need to prevent hackers from using other user IDs to log into the same room after the application is cracked, obtaining game progress information for cheating, and affecting the gaming experience of normal users.
Note

Basic Authentication Token has related permissions enabled by default. Permission Authentication Token requires contacting ZEGOCLOUD Technical Support to enable related permissions.

Different platforms' SDK support for using Token authentication functionality varies (refer to the version numbers below). You can query your current SDK version through the getVersion interface to confirm whether this feature is supported.

  • iOS/Android/macOS/Windows/Unity3D: Version 2.17.0 and above
  • Flutter: Version 2.17.1 and above
  • React Native: Version 0.17.0 and above
  • uni-app: Version 1.5.0 and above
  • Electron: Version 2.17.3 and above
  • Linux (C++): Version 2.17.3 and above

Implementation Process

Please select the corresponding documentation below based on your business development platform to implement Token authentication.

ProductReference Documentation
Video Call
Real-time Voice

Other References

Previous

Why does the client online authentication fail when accessing the ZegoEffects service through the URL address?

Next

When using CDN recording, if the streaming end experiences stream interruption, multiple recording files will be generated. How can these recording files be merged?

On this page

Back to top