Signing up
The most basic method to create a user in Kii Cloud is specifying an identifier such as a username and a password. This topic explains how to create a user with a username, an email address, or a phone number.
Identifying a user
When a user is created, it can be identified with any of a username, email address, phone number, and a combination of them.
For example, a user becomes available by taking the following steps.
- Create and register a user by specifying the username "id123456" and password "123ABC".
- Authenticate a user by specifying the username "id123456" and password "123ABC".
Once the user registration or user authentication is done, this user is treated as logged in (the user will be automatically logged in after the registration).
You can also identify users with their email addresses and phone numbers (check the table below).
| Information to be provided on user registration | Information to be provided on user authentication | ||||
|---|---|---|---|---|---|
| Username | Email address | Phone number | Password | Identifier accepted | Password |
| Yes | - | - | Required | Username | Required |
| Yes | - | Yes | Required | Username or phone number | Required |
| Yes | Yes | - | Required | Username or email address | Required |
| Yes | Yes | Yes | Required | Username or email address or phone number | Required |
| - | - | Yes *1 | Required | Phone number | Required |
| - | Yes *2 | - | Required | Email address | Required |
| - | Yes *3 | Yes *3 | Required | Email address or phone number | Required |
*1 You need to disable the phone verification; you will get an error otherwise.
*2 You need to disable the email verification; you will get an error otherwise.
*3 You need to disable either the phone verification or the email verification; you will get an error otherwise.
For example, suppose that a user registers with the username "id123456", the email address "user@mydomain.com" and password "123ABC". In this case, the user can login with one of the two ways:
- Login with the username "id123456" and password "123ABC".
- Login with the username "user@mydomain.com" and password "123ABC".
Please note that a user can set their email address or phone number instead of their username upon the registration. If you do not want to let them use these values for the authentication purpose (but still want to save them), consider storing the values in custom fields (See User Attributes) or storing them in a dedicated user scope bucket.
When logging in, you can specify a username, or email address or (international) phone number instead of a username in the same API. The SDK will interpret the identifier starting with "@" as an email address, the one starting with "+" as a phone number and all others as a username.
A user can change his email address and phone number after the registration, but he cannot change the username.
When using an email address and phone number for authentication, you can also verify them (See Verifying the User's Email Address and Phone Number). By enabling this feature, you can let users log in only after these identifiers are verified.
Signing up a user
The following sample code shows how to sign up a user with his/her username and password. In this case, a new user account is created with the username "user_123456" and a password "123ABC". (In this sample the optional fields "displayName" and "country" are also defined)
curl -v -X POST \
-H "Authorization: Basic {BASE64_ENCODED_APPID_AND_APPKEY}" \
-H "Content-Type: application/vnd.kii.RegistrationRequest+json" \
"https://api-jp.kii.com/api/apps/{APP_ID}/users" \
-d '{
"loginName": "user_123456",
"displayName": "person test000",
"country": "JP",
"password": "123ABC"
}'
You sign up a user with Basic Authentication. Replace {BASE64_ENCODED_APPID_AND_APPKEY} with a Base64-encoded string of concatenated AppID and an arbitrary value with a colon (:) in between the two values.
Kii Cloud will return the user ID as shown if the sign-up is successful (if the user with the same name already exists, you will get an HTTP status 409 response):
HTTP/1.1 201 Created
Server: Apache-Coyote/1.1
Location: https://api-jp.kii.com/api/apps/{APP_ID}/users/{USER_ID}
Content-Type: application/vnd.kii.RegistrationResponse+json
Transfer-Encoding: chunked
Date: Mon, 23 Apr 2012 00:22:38 GMT
{
"userID" : {USER_ID}
}
Here is another example. The following sample code shows how you can create a new account with the username "user_123456", an email address "user_123456@example.com" and a password "123ABC".
curl -v -X POST \
-H "Authorization: Basic {BASE64_ENCODED_APPID_AND_APPKEY}" \
-H "Content-Type: application/vnd.kii.RegistrationRequest+json" \
"https://api-jp.kii.com/api/apps/{APP_ID}/users" \
-d '{
"loginName": "user_123456",
"displayName": "person test000",
"country": "JP",
"password": "123ABC",
"emailAddress": "user_123456@example.com"
}'
The following sample code shows how to sign up a user with the username "user_123456", a phone number "+819012345678" and a password "123ABC".
curl -v -X POST \
-H "Authorization: Basic {BASE64_ENCODED_APPID_AND_APPKEY}" \
-H "Content-Type: application/vnd.kii.RegistrationRequest+json" \
"https://api-jp.kii.com/api/apps/{APP_ID}/users" \
-d '{
"loginName": "user_123456",
"displayName": "person test000",
"country": "JP",
"password": "123ABC",
"phoneNumber": "+819012345678"
}'
When you are specifying the phone number with a local phone format, be sure to set the correct 2-letter country code in "country" attribute.
If you create a user only with an email or phone number without a username, disable the verification of the user's email address and phone number in advance. For more information about the verification process, see the next section.
Resource URL and user representation
For the REST APIs that manipulates users, you can specify the target users in one of the following ways:
https://api-jp.kii.com/api/apps/{APP_ID}/users/{USER_ID}/...This method uses the User ID that Kii Cloud issues when the target user is registered.
https://api-jp.kii.com/api/apps/{APP_ID}/users/LOGIN_NAME:{USERNAME}/...This method uses the login name of the target user.
https://api-jp.kii.com/api/apps/{APP_ID}/users/EMAIL:{EMAIL_ADDRESS}/...This method uses the user's email address. The email address can be set upon the user registration or later by updating the user attributes.
If the email verification is enabled, this method cannot be used until the email is verified by clicking the link in the verification email (the user is treated as "not found" until then). If the email verification is disabled, you can use this method right after the user registration is completed.
https://api-jp.kii.com/api/apps/{APP_ID}/users/PHONE:{PHONE_NUMBER}/...This method uses the user's phone number. The phone number can be set upon the user registration or later by updating the user attributes.
If the phone verification is enabled, this method cannot be used until the phone number is verified by sending the verification code (the use is treated as "not found" until then). If the phone verification is disabled, you can use this method right after the user registration is completed.
https://api-jp.kii.com/api/apps/{APP_ID}/users/me/...This method is using the "me" literal. In this method, the user's access token is passed in the Authorization header. The target user is set to the user who owns this token.
This type of URL cannot be used for access tokens of the administrator or a thing.
If you are using the pseudo user, you cannot use the methods with the login name, email address, and phone number (until the user becomes the normal user).
Limitations
Some limitations (i.e., number and type of characters) apply to the user identifiers.
Some of the limits applied to identifiers are slightly different among SDKs. In this section, we will explain the strictest one in among the SDKs.
Username
A username must be 3 to 64 characters. The accepted characters are alphanumeric, "_" (underscore), "-" (hyphen) and "." (period).
It must be unique; a user will get an error when he tries to register the username that is already registered in the application.
A username is also used when a user queries other users (e.g. executing the findUserByUserName in the Kii Cloud SDK for Android).
Upper case alphabets in a username are converted to lower case when the username is registered.
Email address
An email address must be in the form of "username@domain".
- The username part is composed of alphanumeric, ".", "_", "%", "+" and "-".
- The domain part is composed of alphanumeric and ".".
The length of an email address must be 200 characters or shorter. The address must include "@" and must conform to RFC 822. Note that the details of error checking vary slightly depending on the platform.
It must be unique; a user will get an error when he tries to register or change his email address to the email address that is already registered in the application.
Phone number
You can specify a phone number in two ways (note that some SDK only accept the international phone number format):
International phone number format: This format will have a country code and local phone number after a "+" (plus) sign. The phone number is composed of 10 to 15 numbers (no hyphen or period). For example, the phone number "123-456-7890" in the United States is represented as "+11234567890".
Local phone number format: This format will use the domestic phone number. The country is expressed in two capital letters defined in libphonenumber. For example, the Android SDK asks you to specify the domestic phone number "1234567890" and the 2-letter country code "US". The REST API asks you to use the format "US-1234567890".
The international and local phone number formats are interoperable. The phone number "+11234567890" and "US-1234567890" identify the same user.
The phone number must be unique; a user will get an error when he tries to register or change his phone number to the number that is already registered in the application.
Only a mobile phone number is accepted. If a landline phone number is specified, an error will be returned. A library in the server determines the specified number is for a mobile phone or a landline.
Password
A password must be 4 to 50 characters. The accepted characters are alphanumeric and symbol (\u0020 to \u007e in Unicode).
Hint for creating a user list
Kii Cloud currently does not provide an API for getting a list of users; you need to implement the feature in your application if you want to get the list (Note: if you just need to get a single user, you might be able to implement it with Retrieving Other User's Data feature).
You can, for example, prepare an application scope bucket. When a new user is created, your application can register an object with the user ID (or URI) of this user in the application scope bucket. Later, your application can get a list of users by getting the KiiObjects in the bucket. By registering user attributes such as username, you can also query for users with these attributes.
Please note that the overall performance of this method will degrade when the number of users increases dramatically. You will need to implement the feature so as to avoid querying the massive amount of users. See Performance for the related discussion.
Also, note that any users can access the application scope bucket. Registering user's private information such as email addresses in the bucket make them vulnerable (See Security for the related discussion). Consider setting some access controls and accessing the bucket only via server code with the app administrator privilege to protect the data.