Pseudo Users

Sometimes you do not want to force your application users to sign up with their usernames and passwords. Kii Cloud provides a "pseudo user" feature to accommodate such a need.

Using the pseudo user feature

A pseudo user is a feature to use a Kii Cloud user without a username and password. When a pseudo user is created, an access token is generated. A pseudo user is identified with an access token that is retained on the mobile app, instead of a pair of usernamne and password.

This feature will request a user creation without a username and password to Kii Cloud. When a pseudo user is created, Kii Cloud returns the access token for this user.

When a normal user logs in with its username and password, Kii Cloud issues an access token that indicates the user is logged in. The same effect is achieved when a pseudo user is created.

For a pseudo user, it is essential to keep the access token in the device's local storage until the user no longer needs it. When a user wants to login again, you can do so with the access token by following the steps described in Logging in and Using an Access Token. Please note that if the access token is lost, the user will no longer be able to login as the same user.

A pseudo user can leverage almost all Kii Cloud features like normal users; the only feature not achievable with a pseudo user is getting a new access token. This is because a pseudo user has no associated username and password and thus he cannot login with them so as to get his access token.

A pseudo user can become a normal user by registering his identifier (i.e. username, email address and/or phone number) and password. To allow a pseudo user to access from another device, for example, you might want to first ask the user to become a normal user and then ask him to login as a normal user from another device.

Creating a pseudo user

The following sample shows how to create a pseudo user.

curl -v -X POST \
  -H "Authorization: Basic {BASE64_ENCODED_APPID_AND_APPKEY}" \
  -H "Content-Type: application/vnd.kii.RegistrationAndAuthorizationRequest+json" \
  "https://api-jp.kii.com/api/apps/{APP_ID}/users" \
  -d '{
        "displayName": "Alice",
        "locale": "ja"
      }'

You create a pseudo user with Basic Authentication. Replace {BASE64_ENCODED_APPID_AND_APPKEY} with a Base64-encoded string of concatenated AppID and an arbitrary value with a colon (:) in between the two values.

Kii Cloud will return the user ID and the access token if the pseudo user is successfully created.

HTTP/1.1 201 Created
Server: Apache-Coyote/1.1
Location: https://api-jp.kii.com/api/apps/{APP_ID}/users/{USER_ID}
Content-Type: application/vnd.kii.RegistrationAndAuthorizationResponse+json

{
  "userID" : {USER_ID},
  "_accessToken" : {ACCESS_TOKEN}
}

Once a pseudo user is created, the user can leverage Kii Cloud with the access token just like a normal user.

Please note that a pseudo user will lose a mean to login if their access token is lost (e.g. by the application uninstallation). If you can identify the pseudo user, for example by their display name, you can delete this user on the User Console.

Changing to a normal user

A pseudo user can be changed to a normal user by setting either of a username, an email address, or a phone number, and a password.

Here is a sample command.

curl -v -X POST \
  -H "Authorization: Bearer {ACCESS_TOKEN}" \
  -H "Content-Type: application/vnd.kii.UserUpdateRequest+json" \
  "https://api-jp.kii.com/api/apps/{APP_ID}/users/me" \
  -d '{
        "loginName": "user_123456",
        "displayName": "Player1",
        "password": "pass123456",
      }'

Kii Cloud will give a 200 response when everything is ok.

Using Kii Cloud without explicit login

Besides using the pseudo user feature, you can use the following methods to use Kii Cloud without explicit login. Kii recommends using the pseudo user feature because these methods can make the implementation complex or limited.

Creating a user in the mobile app

Your application can automatically create arbitrary username and password, register them to Kii Cloud on behalf of the user and use them every time the user tries to use your mobile app. For example, your mobile app can create a random username and password in background, use them to proceed with the user sign up & sign in, and then store them in the device storage (e.g., SharedPreference on Android and NSUserDefaults on iOS). The user will be able to automatically log in with these username and password until the mobile app is uninstalled or the stored data is explicitly erased.

In this method, your mobile app must assign a unique username to each user.

Once the username and password are erased from the device storage, the user will no longer be able to sign in. Using an immutable value like a device ID for the username and/or password, however, is strongly discouraged so as to prevent the possible privacy infringement.

To provide a support for device migration or back up, simply implement the export and import feature of the username and password stored in the device storage.

Anonymous user

Kii Cloud does support an anonymous user (i.e., a user without any sign in), but the features allowed to the anonymous user are very limited. Most features, like accessing a user-scope data, require the user to sign in.