Mesibo Backend APIs - User Management

Before your users can use mesibo services, mesibo need to know about your users so that mesibo can enable real-time messaging, calls, and conference between them.

mesibo identifies each user by a unique random string, called address. The address can be anything, for example, phone number, email address, your enterprise user ID, etc. You need to create a mesibo user for each of your app users.

mesibo will generate an authentication token when you create a user. This user token is also called the access token. You need to send this token to your apps so that your app can initialize mesibo Mesibo Real-time APIs using this token. Refer to the Get Started tutorial to learn more about it.

mesibo backend user-management APIs allow you to create and edit users and able to generate access tokens. You can anytime add, edit or delete users or access tokens using backend APIs as explained below.

Adding a User

To add a user and to generate a user access token, you need to send the following JSON request to the backend API. You can use the same API to regenerate the token:

{
  "op":"useradd",
  "token": "ptlk9hdel1gqxf3p0s15f5f5gtusldej18tl794suzit",
  "user": {
	"address":"xyz@example.com",
	"name":"User Name",

  	"token": {
		"appid": "com.example.mesiboapp",
		"expiry": 525600
  	}
  }
}

Following are the request parameters, some of them are OPTIONAL.

Basic Parameters

Following are the request parameters, most of them are OPTIONAL unless the Default value is mentioned as Mandatory.

ParameterDescriptionDefault
opMUST have the value - "useradd" (see example above)Mandatory
tokenApplication Token obtained from the mesibo consoleMandatory
user.addressUser Address (unique string). For example, phone number, email address, enterprise user ID, etc.Mandatory
user.activeenable usertrue - active

Token Generation Parameters

You need to use the following parameters when generating or regenerating user access token. The generated token is restricted to an application that corresponds to the appid provided in the request.

For Android, appid is the package name declared in the AndroidManifest.xml file or google-services.json.

For iOS, this is the Bundle ID declared in the Xcode project.

The generated token will only work for the app with that specific package name or Bundle ID.

For platforms other than Android and iOS, you can input any non-numeric, dot-separated string (e.g., com.yourdomain.yourapp). This exact string must also be used for the setAppName function and should be in lowercase.

The Mesibo client-side API offers the getAppIdForAccessToken convenience function to get the App ID associated with the app.

ParameterDescriptionDefault
user.tokenAccess token object with parameters as explained below. The access token will not be generated if this object is not present in the request.
user.token.appidappid as described above, lower case only.
user.token.expirytoken expiry in minutes. You should generate the token for a long duration instead of regenerating it. Regenerating tokens too many times may be charged.1 year
user.token.autorefreshtoken automatic refresh interval in minutes. The token's expiration will be extended automatically by adding this interval to the time of the last login, just before the token is due to expire.0
user.token.deviceUnique device string identifying the device where the generated token will be used. This field is OPTIONAL. Refer to the multi-device login documentation for the usage detail.
user.token.linktoLink to another user. This field is OPTIONAL. Refer to the multi-device login documentation for the usage detail.

User Permissions Parameters

You need to use the following parameters only if you need to set custom permissions for the user.

ParameterDescriptionDefault
user.permissions.incomingenable incoming messagestrue
user.permissions.outgoingenable outgoing messagestrue
user.permissions.callsenable video and voice callstrue
user.permissions.turnenable TURN server usage for video and voice callstrue
user.permissions.storageenable message storagetrue
user.permissions.groupCreateenable group creation by usertrue
user.permissions.retentionstore all messages to database - On-premise onlyfalse
user.permissions.webhooksend messages to webhook instead of real-time APIfalse
user.permissions.peersPeers with whom the user can communicate, 0 = All, 1 = Only specific peers set by the backend, 2 = Contacts Only, 3 = Favorites Only, refer to the contacts parameters below0 (All)

User Profile Parameters

You need to use the following parameters only if you are setting profile information from the backend. Generally, the profile information is set by the user/apps using real-time profile APIs.

ParameterDescriptionDefault
user.profile.nameName of the user
user.profile.imageImage URL of the user
user.profile.tnbase64 thumbnail of the user image
user.profile.statusStatus text of the user
user.profile.descriptionDescription text of the user
user.profile.updateSet true to update the profile, false to overwritefalse
user.profile.removeSet true to remove the profilefalse

User Contacts Parameters

You need to use the following parameters only if you are adding or modifying contacts for the user. Generally, the contact information is set by the user/apps using real-time contact sync APIs.

ParameterDescriptionDefault
user.contact.addressaddress of the contactMandatory
user.contact.contactadd as a contacttrue
user.contact.subscribesubscribe to profile and online status updatetrue
user.contact.favoritemark as a favoritefalse
user.contact.pairmark as a communication pair if you have set the user.permissions.peers=1 (specific peers only).
user.contact.blockblock userfalse
user.contact.removeremove from the contacts list and also delete all the messagesfalse
user.contact.visibilityset the visibility. Refer to the real-time profile APIs documentation0

If the request is successful, the response will be like,

{ 
  "user": {
	"uid":123,
	"address":"xyz@example.com",
	"token":"79a818d76fe45fb5a3ac395a0a98251c3db2eetb7b0d4aa0"
  },
  "op":"useradd",
  "result":true
}

where,

  • user.address = User address that was sent in the request
  • user.uid = Numerical unique user ID generated by the backend. You can use this UID instead of the address in other requests.
  • user.token = Access token which you should use in the real-time API

You should save user information (UID, Address, Access Token, etc.) from the response to your database so that you can access them later. If you do not save them and instead call mesibo backend API every time you need them, your app will be slow, and you may be charged for excessive backend API usage (refer to the Backend API Invocations on the Pricing page).

Modifying a User

To edit an existing user, send the following JSON request to the backend API. You need to use the address or the UID obtained from the useradd operation.

{
  "op":"userset",
  "token": "ptlk9hdel1gqxf3p0s15f5f5gtusldej18tl794suzit",
  "user": {
	"uid":123,
        
	"profile": {
		"name":"User Name",
		"image":"https://example.com/image.jpg",
		"description":"Some description",
  	}
  }
}
ParameterDescriptionDefault
opMUST have the value - "userset" (see example above)Mandatory
tokenApplication Token obtained from the mesibo consoleMandatory

The userset request is the same as the useradd request. The only difference is that the user MUST already exist for the userset request to succeed. The request will fail if the user does not exist.

The request and response parameters are the same as the ones in useradd operation.

Deleting a User

Delete an existing user using address or UID obtained from the useradd operation.

{
  "op":"userdel",
  "token": "ptlk9hdel1gqxf3p0s15f5f5gtusldej18tl794suzit",
  "user": {
	"uid":123
  }
}
ParameterDescriptionDefault
opMUST have the value - "userdel" (see example above)Mandatory
tokenApplication Token obtained from the mesibo consoleMandatory
uidUser IDMandatory

If the request is successful, the response will be like,

{ 
  "user": { 
	  "uid":123 
  },
  "op":"userdel",
  "result":true
}

Delete a User Access Token

Delete an existing user access token without deleting a user. The user will be logged-out but mesibo will store all received messages for the user. Those messages will be delivered when the user logs in the next time with a new token.

To delete the user token, send userset request with user.token.remove parameter:

{
  "op":"userset",
  "token": "ptlk9hdel1gqxf3p0s15f5f5gtusldej18tl794suzit",
  "user": {
	"uid":123

  	"token": {
		"remove": true
  	}
  }
}

Get Users (on-premise hosted backend only)

Get users using an address or a UID. You can use a pattern to get matching users.

On Cloud, this API is only for development purposes only, and hence it is rate-limited and a maximum of 20 users will be returned. The reason is that many mesibo customers have millions of users and it is not practical to retrieve them. You should store your users locally instead of obtaining from the mesibo. You MUST not use this API in production and excessive use can be blocked. However, no such limitations apply for on-premise.

To get users, send usersget request with address or uid parameter and the count. You can also send empty request (without address or uid).

{
  "op":"usersget",
  "token": "ptlk9hdel1gqxf3p0s15f5f5gtusldej18tl794suzit",
  "count": 50
  "user": {
	"uid":123
  }
}

You can also use '*' wildcards in address field to get multiple users matching the pattern, for example,

{
  "op":"usersget",
  "token": "ptlk9hdel1gqxf3p0s15f5f5gtusldej18tl794suzit",
  "count": 50
  "user": {
	"address": "hello*"
  }
}