tencent cloud

Tencent Real-Time Communication

Release Notes and Announcements
Release Notes
Recent Product Announcement
TRTC Live (TUILiveKit) Product Launch Announcement
TRTC Conference Official Editions Launched
The commercial version of Conference is coming soon
Terms and Conditions Applicable to $9.9 Starter Package
Rules for the "First Subscription $100 Discount" Promotion
Announcement on the Start of Beta Testing for Multi-person Audio and Video Conference
TRTC Call Official Editions Launched
License Required for Video Playback in New Version of LiteAV SDK
TRTC to Offer Monthly Packages
Product Introduction
Overview
Concepts
Features
Strengths
Use Cases
Performance Statistics
Tencent RTC Quickplay: Experience Ultimate Real-Time Audio and Video Interaction!
Purchase Guide
Billing Overview
Free Minutes
Monthly subscription
Pay-as-you-go
TRTC Overdue and Suspension Policy
FAQs
Refund Instructions
User Tutorial
Free Demo
Call
Overview
Activate the Service
Run Demo
Integration
Offline Call Push
Conversational Chat
On-Cloud Recording
AI Noise Reduction
UI Customization
Calls integration to Chat
Additional Features
No UI Integration
Server APIs
Client APIs
Solution
ErrorCode
Release Notes
FAQs
Conference
Overview(TUIRoomKit)
Activate the Service (TUIRoomKit)
Run Demo(TUIRoomKit)
Integration(TUIRoomKit)
Screen Sharing (TUIRoomKit)
Schedule a meeting (TUIRoomKit)
In-meeting Call (TUIRoomKit)
UI Customization(TUIRoomKit)
Virtual Background (TUIRoomKit)
Conference Control (TUIRoomKit)
Cloud Recording (TUIRoomKit)
AI Noise Reduction (TUIRoomKit)
In-Conference Chat (TUIRoomKit)
Robot Streaming (TUIRoomKit)
Enhanced Features (TUIRoomKit)
Client APIs (TUIRoomKit)
Server APIs (TUIRoomKit)
FAQs (TUIRoomKit)
Error Code (TUIRoomKit)
SDK Update Log (TUIRoomKit)
Live
Billing of Video Live Component
Overview
Activating the Service (TUILiveKit)
Run Demo
No UI Integration
UI Customization
Live Broadcast Monitoring
Video Live Streaming
Voice Chat Room
Advanced Features
Client APIs
Server APIs
Error Codes
Release Notes
FAQs
RTC Engine
Activate Service
SDK Download
API Examples
Usage Guidelines
API Reference Manual
Advanced Features
AI Integration
Overview
Configure MCP Server
Install Skills
Integration Guide
FAQ
RTC RESTFUL API
History
Introduction
API Category
Room Management APIs
Stream mixing and relay APIs
On-cloud recording APIs
Data Monitoring APIs
Pull stream Relay Related interface
Web Record APIs
AI Service APIs
Cloud Slicing APIs
Cloud Moderation APIs
Making API Requests
Call Quality Monitoring APIs
Usage Statistics APIs
Data Types
Appendix
Error Codes
Console Guide
Application Management
Package Management
Usage Statistics
Monitoring Dashboard
Development Assistance
Solution
Real-Time Chorus
FAQs
Migration Guide
Billing
Features
UserSig
Firewall Restrictions
How to Downsize Installation Package
Android and iOS
Web
Flutter
Electron
TRTCCalling for Web
Audio and Video Quality
Others
Legacy Documentation
RTC RoomEngine SDK(Old)
Integrating TUIRoom (Web)
Integrating TUIRoom (Android)
Integrating TUIRoom (iOS)
Integrating TUIRoom (Flutter)
Integrating TUIRoom (Electron)
TUIRoom APIs
On-Cloud Recording and Playback (Old)
RTC Analytics Monthly Packages (Previous Version)
Protocols and Policies
Compliance
Security White Paper
Notes on Information Security
Service Level Agreement
Apple Privacy Policy: PrivacyInfo.xcprivacy
TRTC Policy
Privacy Policy
Data Processing And Security Agreement
Glossary
DocumentationTencent Real-Time CommunicationFAQsUserSig

UserSig

PDF
Focus Mode
Font Size
Last updated: 2025-12-25 14:21:10

Overview

This document outlines two authentication methods for Tencent-RTC services, with a focus on UserSig, a security signature by Tencent Cloud to safeguard against unauthorized access. For basic cloud service usage, provide SDKAppID, UserID, and UserSig during SDK initialization or login.
SDKAppID is used to identify your application.
UserID is used to identify your user.
UserSig is a security signature calculated based on the first two using the HMAC SHA256 encryption algorithm. As long as attackers cannot forge the UserSig, they cannot steal your cloud service traffic.

How to calculate UserSig during the debugging phase?

You can calculate and obtain UserSig using either Client Sample Code or the Console. Please refer to the following introduction for details.
Unsafe:
Note that the following two UserSig acquisition calculation schemes are only suitable for debugging. If the product is to be officially launched, using these schemes is not recommended because the SECRETKEY in the client code (especially on the Web) is easily vulnerable to decompilation and reverse engineering.

Client calculation of UserSig

1. Get SDKAppID and Key:

Log in to Tencent-RTC Console > App Management.
Locate the app with the desired SDKAppID, click its name for details.
Click on SDKSecretKey to reveal and copy.




2. Calculate UserSig:

To facilitate client use, we provide source files for calculating UserSig on various platforms. You can download and use them directly:
Android
iOS
Web
Windows(C++)
Windows(C#)
Flutter
Mac
GitHub
GitHub
GitHub
GitHub
GitHub
GitHub
GitHub
The sample code is as follows (of course, you can also refer to the demo projects of our products, see the development documentation of each product):
Android
iOS
Web
Window(C++)
Window(C#)
Flutter
Mac
// Step 1: Import the source file
import com.xxx.xxx.GenerateTestUserSig;

// Step 2: Fill in the SDKAppID and SDK key obtained from the previous steps
GenerateTestUserSig.SDKAPPID = xxxxxx;
GenerateTestUserSig.SECRETKEY = "xxxxxx";

// Step 3: Generate userSig based on userID
String userSig = GenerateTestUserSig.genTestUserSig("userID");
// Step 1: Import the header file
#import "GenerateTestUserSig.h"

// Step 2: Fill in the SDKAppID and SDK key obtained from the previous steps
[GenerateTestUserSig setSDKAPPID:xxxxxx];
[GenerateTestUserSig setSECRETKEY:@"xxxxxx"];

// Step 3: Generate userSig based on userID
NSString *userSig = [GenerateTestUserSig genTestUserSig:@"userID"];

// Step 1: Import the module
<script src='js/libs/lib-generate-test-usersig.min.js'></script>
<script src='js/libs/generateTestUserSig.js'></script>

// Step 2: Fill in the SDKAppID and SDK key obtained from the previous steps, enter the custom userID, and generate userSig
const {sdkAppId, userSig } = genTestUserSig({
	sdkAppId: xxxxxx, 
	userId: 'xxxxxx',
	sdkSecretKey: 'xxxxxx',
}
// Step 1: Import the header file
#include "GenerateTestUserSig.h"

// Step 2: Fill in the SDKAppID and SDK key obtained from the previous steps
const int SDKAPPID = xxxxxx;
const char* SECRETKEY = "xxxxxx";

// Step 3: Generate userSig based on userID
const char* userSig = GenerateTestUserSig::genTestUserSig("userID", SDKAPPID, SECRETKEY);
// Step 1: Import the header file
using GenerateTestUserSig;

// Step 2: Fill in the SDKAppID and SDK key obtained from the previous steps
GenerateTestUserSig.SDKAPPID = xxxxxx; 
GenerateTestUserSig.SECRETKEY = "xxxxxx";

// Step 3: Generate userSig based on userID
string userSig = GenerateTestUserSig.GetInstance().GenTestUserSig("userID");
// Step 1: Import the source file
import 'package:xxx/GenerateTestUserSig.dart';

// Step 2: Fill in the SDKAppID and SDK key obtained from the previous steps
GenerateTestUserSig.SDKAPPID = xxxxxx;
GenerateTestUserSig.SECRETKEY = "xxxxxx";

// Step 3: Generate userSig based on userID
String userSig = GenerateTestUserSig.genTestUserSig("userID");
// Step 1: Import the header file
#import "GenerateTestUserSig.h"

// Step2: Enter the SDKAppID and SDK secret obtained in the Back step
[GenerateTestUserSig setSDKAPPID:xxxxxx];
[GenerateTestUserSig setSECRETKEY:@"xxxxxx"];

// Step 3: Generate userSig based on userID
NSString *userSig = [GenerateTestUserSig genTestUserSig:@"userID"];

Get UserSig from the console

Log in to Tencent-RTC Console, navigate to Development Tools > UserSig Tools.
Under the UserSig Generation Tool, select the corresponding SDKAppID and UserID.
Click the Generate button to compute the corresponding UserSig.




How to calculate UserSig during the official operation phase?

During the official operation phase, Tencent-RTC provides a more secure server-side UserSig calculation solution. This maximizes the protection of the key used to calculate UserSig from being leaked, as compromising a server is more difficult than reverse engineering an app. The specific implementation process is as follows:

1. Before your app calls the SDK initialization function, it must first request UserSig from your server.
2. Your server calculates UserSig based on SDKAppID and UserID. Refer to the first part of the documentation for the source code.
3. The server returns the calculated UserSig to your app.
4. Your app passes the obtained UserSig to the SDK via a specific API.
5. The SDK submits SDKAppID + UserID + UserSig to Tencent CVM for verification.
6. Tencent Cloud verifies UserSig to confirm its validity.
7. After verification, Tencent-RTC services will be provided to the Tencent-RTC SDK.
To simplify your implementation process, we provide UserSig Calculation Source Code and examples in multiple language versions:
Language Version
Signature algorithm
Source Code
Usage Examples
Java
HMAC-SHA256
genSig
GitHub
Go
HMAC-SHA256
genSig
GitHub
PHP
HMAC-SHA256
genSig
GitHub
Node.js
HMAC-SHA256
genSig
GitHub
Python
HMAC-SHA256
genSig
GitHub
C#
HMAC-SHA256
GenSig
GitHub

Previous Topic: FeaturesNext Topic: Firewall Restrictions

Help and Support

Was this page helpful?

Help us improve! Rate your documentation experience in 5 mins.

Feedback