Skip to content

Backendless Login API

Registered users can login using the API described below. The login operation requires two properties: one marked asuser identity and the second is password. Backendless automatically assigns the "AuthenticatedUser" role to all successfully logged in users. The role can be used to differentiate access to various resources (data in the database, files, messaging channels) between authenticated users and guests.

Non-Blocking API

public void Backendless.UserService.Login( String login, 
                                            String password, 
                                            AsyncCallback<BackendlessUser> callback );

public void Backendless.UserService.Login( String login, 
                                           String password, 
                                           AsyncCallback<BackendlessUser> callback, 
                                           bool stayLoggedIn )

Blocking API

public BackendlessUser Backendless.UserService.login( String login, 
                                                      String password );

public BackendlessUser Backendless.UserService.Login( String login, 
                                                      String password, 
                                                      bool stayLoggedIn )


Argument                Description
login a value for a property marked as identity.
password user's password
callback an object which receives either a return value or an error from the server.
stayLoggedIn requests to store the user's login information so the login form can be skipped next time the user launches the app.

Return value

a BackendlessUser object representing the logged in user. The object has the values for all the properties stored in Backendless database including those for which the "auto-load" option is enabled.


The following errors may occur during the Login API call. See the Error Handling section for details on how to retrieve the error code when the server returns an error.

Error Code
Version is disabled or provided wrong application info (application id or secret key)
Login has been disabled for the user account.
Missing login settings, possibly invalid application id or version.
User cannot login because Multiple Logins disabled and there is a logged in user for the account.
Invalid login or password.
Either login or password is an empty string value.
User logins are disabled for the version of the application.
Account locked out due to too many failed logins.
One of the required parameters (application id, version, login or password) is null
Multiple login limit for the same user account has been reached.
Property value exceeds the length limit

Non-blocking Example

// do not forget to call Backendless.App.Init in the app initialization code

AsyncCallback<BackendlessUser> callback = new AsyncCallback<BackendlessUser>(
        user =>
          System.Console.WriteLine( "User logged in. Assigned ID - " + user.ObjectId );
          Dictionary<string, object> props = user.Properties;
          foreach( KeyValuePair<string, object> pair in props )
            System.Console.WriteLine( String.Format( "Property: {0} - {1}", pair.Key, pair.Value ) );
        fault =>
          System.Console.WriteLine( fault.ToString() );
        } );

String login = "james.bond123";
String password = "guessIt";
Backendless.UserService.Login( login, password, callback );

Blocking Example

// do not forget to call Backendless.InitApp in the app initialization code

BackendlessUser user;

  String login = "james.bond123";
  String password = "guessIt";
  user = Backendless.UserService.Login( login, password );
  System.Console.WriteLine( "User is logged in. ObjectId - " + user.ObjectId );
catch( BackendlessException exception )
  // login failed, to get the error code, use exception.Fault.FaultCode

Validating User Login

The login operation provides a way to persist the user-token on the client side so it can be used when the application is restarted. This helps in streamlining the user experience since the user of the application does not need to login again. However, when the application restarts, it needs to check if the underlying user token, and hence the user session are still valid. This can be accomplished with the API below:

Non-Blocking API

public void Backendless.UserService.IsValidLogin( AsyncCallback<Boolean> callback );

Blocking API

public bool Backendless.UserService.IsValidLogin()

If the login (user token) is valid, objectId of the logged in user can be retrieved with the following call. The method returns null if login has not been previously persisted:

string loggedInUserObjectId = Backendless.UserService.LoggedInUserObjectId();

Subsequently, the BackendessUser instance can be obtained with the following API:

Non-blocking call:

                            AsyncCallback<BackendlessUser> callback )

Blocking call:

Backendless.Data.Of<BackendlessUser>).FindById( loggedInUserObjectId )


Log in a user first. Make sure the stayLoggedIn argument is true.The value of true persists the login information:

Backendless.UserService.Login( "", "superm@n", true );

Then, check whether the login is valid - see the example below:

Blocking example:

Boolean isValidLogin = Backendless.UserService.IsValidLogin();
System.Console.WriteLine( "Is login valid? - " + isValidLogin );

Non-blocking example:

AsyncCallback<Boolean> callback = new AsyncCallback<Boolean>(
  isValidLogin =>
    System.Console.WriteLine( "Is login valid? - " + isValidLogin );
  fault =>
    System.Console.WriteLine( fault.ToString() );
  } );

Backendless.UserService.IsValidLogin( callback );