Menu

Rate this page:

Thanks for rating this page!

We are always striving to improve our documentation quality, and your feedback is valuable to us. How could this documentation serve you better?

User Identity & Access Tokens

An identity in Chat is unique to a user, and may be signed in on multiple devices simultaneously. For example, identity "alice@example.com" will stay synchronized on a number of endpoints including her iPhone, Android tablet and in-browser application. All destinations for the same user will receive identical channel and message notifications, and display the same message history.

On the server we must decide, based on the token request that was sent to us, who the user is and what they should be allowed to do. To figure out who the user is (their identity), you might use your existing login system or identity provider (e.g. using session cookies, an API token, or whatever mechanism you use to secure API requests or pages today). You might not care who a user is at all, and assign them a temporary identity as in our starter apps. Who the user is, what is their role, and how you determine that will vary from application to application.

If you determine that the user should indeed be allowed to access your Chat application, you must grant your user access to Chat and supply an identity. Here are the guidelines on how to generate JWT access tokens: Creating Access Tokens.

Programmable Chat also uses identity to track monthly usage and generate accounting reports, therefore be mindful about provisioning a reasonable amount of unique identities. Reusing identities too much and keeping uniqueness low may cause user and application logic conflicts. On the opposite side, using too random identity will result in a large number of redundant unique users, which also impacts monthly billing.

Rate this page:

Need some help?

We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd browsing the Twilio tag on Stack Overflow.