In-app Chat
  • iOS : Objective-C
  • Android
  • macOS
  • Windows
  • Web
  • Flutter
  • React Native
  • Introduction
    • Overview
    • Basic concepts
  • Sample app
  • Getting started
  • Client SDKs
    • SDK downloads
    • Release notes
  • Guides
    • Authentication
    • Manage users
    • Room
    • Group
    • Messaging
    • Call invitation (signaling)
    • Manage sessions
  • Offline push notifications
  • Error codes
  • Server APIs
  • API Documents


Last updated:2022-07-15 11:47

To avoid unauthorized service access or operations, ZEGOCLOUD uses digital Tokens to control and validate users' login privileges.

The validation process

Before you log in to a room, your app clients request Tokens from your app server and provide the Token for privilege validation when logging in to a room.

The following diagram shows the process of room login privilege validation:


Generate a Token

For business security, you must generate Tokens on your app server.

To generate a Token, do the following:

  1. Go to the ZEGOCLOUD Admin Console to obtain the AppID and ServerSecret of the project.
  2. Use the token generator plug-in provided by ZEGOCLOUD to generate Tokens on your app server.
Language Core function Description

Take Go language as an example, you can do the following steps to generate a Token:

  1. Copy the go/zegoserverassistant directory to your server-side project.
  2. Use the command import zsa "your-project-go-mod-path/zegoserverassistant" to import the plug-in. Remember to replace the your-project-go-mod-path with your project name.
  3. Call the GenerateToken04 method to generate a Token.
var appId uint32 = <Your AppId>   // type: uint32
userId := <Your userID>  // type: string
secret := <ServerSecret>  // type: 32 byte length string
var effectiveTimeInSeconds int64 = <Your token effectiveTime> //type: int64; unit: s

token, err := zsa.GenerateToken04(appId, userId, secret, effectiveTimeInSeconds)
if err != nil {

Use a Token

When logging in to a room, you need to pass the Token for validation. Otherwise, the login will fail.

ZIMUserInfo *userInfo = [[ZIMUserInfo alloc] init];
userInfo.userID = @"YOUR_USER_ID";
userInfo.userName = @"YOUR_USER_NAME";

NSString *token = @"xxxxxxxx"; // The Token you get from your app server. 

[zim loginWithUserInfo:userInfo token:token callback:^(ZIMError * _Nonnull errorInfo) {
        // You can tell by the ZIMErrorCode whether the room login is successful.

Renew a Token

  • 30 seconds before a Token expires, the SDK sends out a notification through the callback tokenWillExpire. (If the period of validity of the Token is less than 30 seconds after a successful room login, the callback will be triggered immediately.)

  • Upon receiving this callback, you need to get a new Token from your app server first, and then pass the new Token to the renewToken method.

- (void)zim:(ZIM *)zim tokenWillExpire:(unsigned int)second {
    NSString *token = [MyToken getToken]; // Request a new Token from your app server.
    [self.zim renewToken:token callback:^(ZIMError * _Nonnull errorInfo) {
        // You can tell by the ZIMErrorCode whether the Token is renewed successfully.