Skip to content

Backendless Login API

Registered users can login using the API described below. The login operation requires two properties: one marked as user identity and the second is password. Backendless automatically assigns the "AuthenticatedUser" role to all successfully logged in users. The role can be used to differentiate access to various resources (data in the database, files, messaging channels) between authenticated users and guests.

Backendless.UserService.login( login, password, stayLoggedIn )
 .then( function( loggedInUser ) {
 .catch( function( error ) {


Argument                Description
login a value for the property marked as identity.
password user's password
stayLoggedIn a boolean value requesting user login information to be saved so it can be reused when the application restarts (or page is reloaded).
loggedInUser an instance of Backendless.User representing the logged in user.
error error object for an error thrown either out of the then block or from the server.

If the stayLoggedIn argument is set to true, the following APIs can be used to retrieved persisted information about the user:

// get objectId of the logged-in user:
var userObjectId = Backendless.LocalCache.get("current-user-id")

// get user-token of the logged-in user:
var userToken = Backendless.LocalCache.get("user-token")

// get current user object:
var userObject = await Backendless.UserService.getCurrentUser()


The following errors may occur during the Login API call. See the Error Handling section for details on how to retrieve the error code when the server returns an error.

Error Code
Version is disabled or provided wrong application info (application id or secret key)
Login has been disabled for the user account.
Missing login settings, possibly invalid application id or version.
User cannot login because Multiple Logins disabled and there is a logged in user for the account.
Invalid login or password.
Either login or password is an empty string value.
User logins are disabled for the version of the application.
Account locked out due to too many failed logins.
One of the required parameters (application id, version, login or password) is null
Multiple login limit for the same user account has been reached.
Property value exceeds the length limit


// do not forget to call Backendless.initApp( appId, apiKey ); to initialize your app

function userLoggedIn( user )
  console.log( "user has logged in" );

function gotError( err ) // see more on error handling
  console.log( "error message - " + err.message );
  console.log( "error code - " + err.statusCode );

Backendless.UserService.login( login, password, true )
 .then( userLoggedIn )
 .catch( gotError );

Validating User Login

The login operation provides a way to persist the user-token on the client side so it can be used when the application is restarted. This helps in streamlining the user experience since the user of the application does not need to login again. However, when the application restarts, it needs to check if the underlying user token, and hence the user session are still valid. This can be accomplished with the API below:


Non-Blocking API

function success( result )
  console.log( "Is login valid?: " + result );

function error( err ) 
  console.log( err.message );
  console.log( err.statusCode );

 .then( success )
 .catch( error );

Blocking API

var userTokenIsValid = Backendless.UserService.isValidLoginSync(); 
console.log( "Is login valid?: " +  userTokenIsValid );