tencent cloud

Custom Login
Download PDF
Last updated:2025-12-31 11:48:17
Custom Login
Last updated: 2025-12-31 11:48:17
Download PDF
Developers can use custom login to issue custom login tickets with custom identity ID for users on their server or in cloud functions. Subsequently, the client SDK can use the ticket to sign in to CloudBase.

Applicable Scenarios

Custom login is generally used in the following scenarios:
Developers want to establish a one-to-one relationship between their account system and CloudBase account.
Developers want to take over the authentication process themselves.

Procedure Overview

Custom login involves the following steps:
1. Obtain the private key for CloudBase custom login.
2. Use the CloudBase server-side SDK to sign and issue a ticket with the private key, and return it to the client.
3. Client SDK uses the ticket to log in to CloudBase.

Step 1: Retrieving the Custom Login Private Key

1. Log in to the CloudBase Platform.
2. Go to the Identity Verification > Login Methods page.
3. In the login methods list, select Custom Login Methods, click Go to Settings to enable custom login, and then click Private Key Download.

4. The private key is a file with JSON data. Save the downloaded or copied private key file to your server or cloud function, assuming the path is /path/to/your/tcb_custom_login.json.
Note:
1. The private key file is an important credential to certify administrator identity. Ensure to keep it properly and avoid leakage.
2. Every time a private key file is generated, the previously generated private key file will become invalid after 2 hours.

Step 2: Issuing a Ticket

Call the CloudBase server SDK, pass the custom login private key during initialization, sign and send a ticket, and return it to the client.
const cloudbase = require("@cloudbase/node-sdk");

// 1. Initialize SDK.
const app = cloudbase.init({
  env: "your-env-id",
  // Pass custom login private key.
  credentials: require("/path/to/your/tcb_custom_login.json")
});

// 2. Developer-defined unique user identifier.
const customUserId = "your-customUserId";

// 3. Create a ticket.
const ticket = app.auth().createTicket(customUserId);

// 4. Return the ticket to the client.
return ticket;
Note:
customUserId should meet the following requirements:
4 to 32 characters.
Characters can only be uppercase or lowercase English letters, numbers, and _-#@(){}[]:.,<>+#~.

Step 3: Logging in to CloudBase with a Ticket

Note:
@cloudbase/js-sdk 2.8.31 and later versions are recommended.
The client application can call the method of the client SDK to log in to CloudBase after obtaining the ticket.
import cloudbase from '@cloudbase/js-sdk';

const app = cloudbase.init({
  env: 'your-env-id'
});

const auth = app.auth();

async function login(){
  const loginState = auth.hasLoginState();
  // 1. It is recommended to check whether you are already logged in before logging in.
  if(!loginState){
    // 2. Request the developer's service API to obtain the ticket.
    await auth.setCustomSignFunc(() => {
      // Get and return the ticket.
      return Promise.resolve(/* ticket */);
    })
    // 3. Log in to CloudBase.
    await auth.signInWithCustomTicket();
  }
}

login();




Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback