Overview

Last updated:2025-12-31 11:48:17

Overview

Last updated: 2025-12-31 11:48:17

CloudBase provides a cross-platform login authentication feature. You can build your user system based on it for your application, including but not limited to:
Assign globally unique identity identifiers (uid) to users.
Store and manage user personal information.
Log in with the associated WeChat.
Manage user access permissions to data and resources.
Collect and analyze user behavior.
Meanwhile, CloudBase login authentication is also a crucial method to protect your service resources. CloudBase checks the identity and permissions for every request from the client to avoid your resources being consumed or misappropriated by malicious attackers.
Applicable scope:
Login authentication (v2) applies to @cloudbase/js-sdk@2.x versions.
Login Authentication Methods
CloudBase provides the following login authentication methods for different user scenarios:
Login Type
Scenarios
Anonymous login
Users log in to CloudBase with a temporary anonymous identity, with no registration required.
Email login
Users log in with their email and password.
Custom login
Developers can fully take over the login process, such as connecting to their account system and customizing login logic.
Custom login
Users log in with their username and password.
CloudBase User
Each user logged in to CloudBase has a corresponding CloudBase account. Users access and call the data and resources of CloudBase through this account.
UID
Each account has a globally unique UID as the identifier unique identifier, that is, the account ID.
User Information
The user information of each account can be added or modified. See User Management.
Login Method
Each account can be associated with other login methods in addition to the initial one. See Account Association.
Persisting Login Status
In @cloudbase/js-sdk@2.x versions, the login status supports only the local method (the web client retains authentication status for 30 days before explicit logout) to store identity status. (The session and none modes in the previous 1.x versions are no longer supported).
Access Token and Refresh Token
After logging in to CloudBase, users will obtain an access token as a credential to access CloudBase. The access token has a default valid period of two hours.
Upon login, users will also obtain a refresh token, with a default valid period of 30 days. The refresh token is used to get a new access token after expiry.
The CloudBase client SDK automatically maintains token refresh and valid period. Developers do not need to pay special attention to this process.
Note:
The refresh token for anonymous login will automatically renew upon expiration to achieve long-term anonymous login status.
﻿
﻿
﻿

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Feedback

Login Type	Scenarios
Anonymous login	Users log in to CloudBase with a temporary anonymous identity, with no registration required.
Email login	Users log in with their email and password.
Custom login	Developers can fully take over the login process, such as connecting to their account system and customizing login logic.
Custom login	Users log in with their username and password.

tencent cloud

Login Authentication Methods

CloudBase User

UID

User Information

Login Method

Persisting Login Status

Access Token and Refresh Token