Skip to content

Passwordless Login API

Description

A user can be logged in without a password using the API documented below.

This functionality can be used only in CloudCode (Java, JS or Codeless), the reason for this restriction is that a malicious use of this API can easily compromise application's security. As a result, this API must be used from a controlled environment.

Method

Non-Blocking API

public void Backendless.UserService.login( String objectId, AsyncCallback<BackendlessUser> responder, boolean stayLoggedIn )

Blocking API

public BackendlessUser Backendless.UserService.login( String objectId, boolean stayLoggedIn )

where:

Argument                Description
objectId Unique identifier of the user account which is used for login operation. String value.
stayLoggedIn Optional parameter. A boolean value requesting user login information to be saved so it can be reused when the application restarts (or page is reloaded).

Return Value

The BackendlessUser object containing user data.

{  
  "objectId" : value,  
  "user-token": value,   
  "prop-name1":value,  
  "prop-name2":value,  
  "prop-name3":value,  
  ...  
}

The "objectId" property is a unique identifier assigned by Backendless to the user account. The "user-token" value identifies the user session initiated by the Login operation.

Example

The example below logs in as the user account associated with the following objectId: "4D584E4D-05A3-4AC4-90C7-B80D1584E7AD".

Non-Blocking API

String objectId = "4D584E4D-05A3-4AC4-90C7-B80D1584E7AD";

Backendless.UserService.login( objectId, new AsyncCallback<BackendlessUser>()
{
  @Override
  public void handleResponse( BackendlessUser backendlessUser )
  {
    // result handling logic
  }

  @Override
  public void handleFault( BackendlessFault backendlessFault )
  {
    // error handling logic
  }
}, true );

Blocking API

String objectId = "4D584E4D-05A3-4AC4-90C7-B80D1584E7AD";

BackendlessUser user = Backendless.UserService.login( objectId, true );

CloudCode Codeless Reference

user_service_codeless_cloudcode_login

where:

Argument                Description
object id Unique identifier of the user account which is used for login operation.
return user Optional parameter. When this option is checked, the operation returns the BackendlessUserobject containing user data.

Important

This Codeless block is only available in CloudCode due to the security reasons. If this operation is exposed to users, then your application can be compromised.

This operation allows developers to log in to a specific user account without credentials such as identity or password. The operation only requires a unique identifier of a user (object id).

Consider the following record in the Users data table:

user_service_codeless_cloudcode_login_example_1

The example below logs in as "alice@yourmail.com" associated with the objectId: "4D584E4D-05A3-4AC4-90C7-B80D1584E7AD".

user_service_codeless_cloudcode_login_example_2

The BackendlessUser object will look as shown below after the Codeless logic runs:

user_service_codeless_cloudcode_login_example_3