- Release Notes
- Product Introduction
- Purchase Guide
- Getting Started with Demos
- Console Guide
- SDK Documentation
- SDK Download
- Quick Integration (Including UI Library)
- General Integration (No UI Library)
- Update Logs (Web & Mini Programs)
- Update Log (Native)
- Legacy API Tutorials
- Client APIs
- Server APIs
- Generating UserSig
- RESTful APIs
- RESTful API Overview
- RESTful API List
- Account Management
- One-to-One Messages
- Profile Management
- Pushing to All Users
- Relationship Chain Management
- Group Management
- Getting All Groups in an App
- Creating a Group
- Getting Group Profiles
- Getting Group Member Profiles
- Modifying the Profile of a Group
- Adding Group Members
- Deleting Group Members
- Modifying the Profile of a Group Member
- Disbanding a Group
- Getting the Groups a User Has Joined
- Querying the Roles of Users in a Group
- Bulk Muting and Unmuting
- Getting the List of Muted Group Members
- Sending Ordinary Messages in a Group
- Sending System Messages in a Group
- Recalling Group Messages
- Changing Group Owner
- Importing a Group Profile
- Importing Group Messages
- Importing Group Members
- Setting the Unread Message Count of a Member
- Recalling Messages Sent by a Specified User
- Pulling Historical Messages
- Getting the Number of Online Users in an Audio-Video Group
- Global Mute Management
- Operations Management
- Online States
- Third-Party Callbacks
- Third-Party Callback Overview
- Callback Command List
- Online Status Callbacks
- Relationship Chain Callbacks
- One-to-One Message Callbacks
- Group System Callbacks
- Callback Before Creating a Group
- Callback After Creating a Group
- Callback Before Accepting a Request to Join a Group
- Callback Before Accepting a Request to Add a User to a Group
- Callback After a User Joins a Group
- Callback After a User Leaves a Group
- Callback Before Sending a Group Message
- Callback After Sending a Group Message
- Callback After a Group Is Full
- Callback After Disbanding a Group
- Callback After Modifying Group Profile
- Callback Mutual Authentication Configuration Guide
- Best Practices
- FAQs
- General References
- Error Codes
- Release Notes
- Product Introduction
- Purchase Guide
- Getting Started with Demos
- Console Guide
- SDK Documentation
- SDK Download
- Quick Integration (Including UI Library)
- General Integration (No UI Library)
- Update Logs (Web & Mini Programs)
- Update Log (Native)
- Legacy API Tutorials
- Client APIs
- Server APIs
- Generating UserSig
- RESTful APIs
- RESTful API Overview
- RESTful API List
- Account Management
- One-to-One Messages
- Profile Management
- Pushing to All Users
- Relationship Chain Management
- Group Management
- Getting All Groups in an App
- Creating a Group
- Getting Group Profiles
- Getting Group Member Profiles
- Modifying the Profile of a Group
- Adding Group Members
- Deleting Group Members
- Modifying the Profile of a Group Member
- Disbanding a Group
- Getting the Groups a User Has Joined
- Querying the Roles of Users in a Group
- Bulk Muting and Unmuting
- Getting the List of Muted Group Members
- Sending Ordinary Messages in a Group
- Sending System Messages in a Group
- Recalling Group Messages
- Changing Group Owner
- Importing a Group Profile
- Importing Group Messages
- Importing Group Members
- Setting the Unread Message Count of a Member
- Recalling Messages Sent by a Specified User
- Pulling Historical Messages
- Getting the Number of Online Users in an Audio-Video Group
- Global Mute Management
- Operations Management
- Online States
- Third-Party Callbacks
- Third-Party Callback Overview
- Callback Command List
- Online Status Callbacks
- Relationship Chain Callbacks
- One-to-One Message Callbacks
- Group System Callbacks
- Callback Before Creating a Group
- Callback After Creating a Group
- Callback Before Accepting a Request to Join a Group
- Callback Before Accepting a Request to Add a User to a Group
- Callback After a User Joins a Group
- Callback After a User Leaves a Group
- Callback Before Sending a Group Message
- Callback After Sending a Group Message
- Callback After a Group Is Full
- Callback After Disbanding a Group
- Callback After Modifying Group Profile
- Callback Mutual Authentication Configuration Guide
- Best Practices
- FAQs
- General References
- Error Codes
UserSig is a password that is used to log in to IM. It is the ciphertext that results from encrypting certain data such as UserID. This document describes how to generate a UserSig.
Obtaining a Key
- Log in to the IM console.
Note:
If you do not have any applications yet, create one and then perform step 2.
- Click the target application card to go to its basic configuration page.
- In the Basic Info section, click Display Key next to Key.
- Click Copy to copy and save the key information.
Note:
Store the key information properly so as to prevent leaks.
Calculating a UserSig on the Client
The GenerateTestUserSig open-source module provided in the sample code of the IM SDK can help you quickly generate a UserSig. You only need to configure three member variables, SDKAPPID (SDKAppID of the app), EXPIRETIME (UserSig expiration time), and SECRETKEY (key information), and then call the genTestUserSig() function to quickly obtain a UserSig.
To simplify this process, we provide the source code for computing a UserSig for the following languages and platforms. You can directly download and integrate the source code into your client.
| Programming Language | Platform | GenerateTestUserSig Source Code |
|---|---|---|
| Java | Android | GenerateTestUserSig.java |
| Objective-C | iOS | GenerateTestUserSig.h |
| Objective-C | Mac | GenerateTestUserSig.h |
| C++ | Windows | GenerateTestUserSig.h |
| Javascript | Web | GenerateTestUserSig.js |
| Javascript | Mini Program | GenerateTestUserSig.js |
| Dart | Flutter | GenerateTestUserSig.dart |
Note:
In this method, the SECRETKEY is easy to decompile and reverse engineer. If the SECRETKEY is leaked, hackers can steal your Tencent Cloud traffic. Therefore, this method is used only to locally run through a demo project and debug features.
The correct way to issue a UserSig is to integrate the UserSig calculation code snippet into your server and provide app-oriented APIs. When UserSig is needed, your app will send a request to the business server to obtain a dynamic UserSig. For more information, see Generating a UserSig on the Server.
Generating a UserSig on the Server
Generating a UserSig on the server provides maximum protection against the disclosure of the key used for calculating the UserSig. You only need to deploy the code for calculating the UserSig on your server and provide an app-oriented API. When a UserSig is needed, your app will send a request to the business server to obtain a dynamic UserSig.
To simplify this process, we provide the source code for computing a UserSig for the following languages and platforms. You can directly download and integrate the source code into your server.
| Programming Language | Key Function | Download Link |
|---|---|---|
| Java | HMAC-SHA256 | genSig |
| GO | HMAC-SHA256 | GenSig |
| PHP | HMAC-SHA256 | genSig |
| Nodejs | HMAC-SHA256 | genSig |
| Python | HMAC-SHA256 | gen_sig |
| C# | HMAC-SHA256 | GenSig |
| C++ | HMAC-SHA256 | gen_sig |
The calculation function of UserSig uses key parameters like SDKAppID, UserID, and the UserSig validity period. The key parameters are described in detail in the following list.
Note:
The list below uses Java as an example, and the field names may vary depending on the actual language.
| Field Name | Parameter Description |
|---|---|
| sdkappid | SDKAppID of the app, which can be obtained from the corresponding app card in the IM console |
| userId | User ID, formerly known as Identifier |
| expire | Validity period of the UserSig in seconds |
| userbuf | IM uses APIs without UserBuf by default, which this parameter is set to null by default.You may need to use APIs with UserBuf for some TRTC scenarios, such as joining a room. For more information, see Configuring Permissions for Entering a Room. |
| key | Information of the key, which can be obtained from the app details page in the IM console. For details, see Getting the key. |
Algorithms of Earlier Versions
To simplify signature calculation so that users can conveniently and quickly use Tencent Cloud services, the signature algorithm of the IM service has been upgraded from ECDSA-SHA256 to HMAC-SHA256 since July 19, 2019. This means that all SDKAppIDs created after July 19, 2019 will use the new HMAC-SHA256 algorithm.
If your SDKAppID was created before July 19, 2019, we recommend that you upgrade its signature algorithm to the HMAC-SHA256 Algorithm. The upgrade will not affect your current businesses. Alternatively, you can still use the signature algorithm of an earlier version. The URLs for downloading the source code of the ECDSA-SHA256 algorithm for different languages are as follows:
Yes
No
Was this page helpful?