Skip to main content
Create users via: Dashboard (testing) | REST API (production) Test UIDs: cometchat-uid-1 through cometchat-uid-5
After initializing the SDK, the next step is to authenticate your user. CometChat provides two login methods — Auth Key for quick development, and Auth Token for production — both accessed through the login() method.

How It Works

Before You Log In

Create a User

A user must exist in CometChat before they can log in.
  • During development: Create users from the CometChat Dashboard. Five test users are already available with UIDs cometchat-uid-1 through cometchat-uid-5.
  • In production: Call the Create User REST API when a user signs up in your app.
We have setup 5 users for testing having UIDs: cometchat-uid-1, cometchat-uid-2, cometchat-uid-3, cometchat-uid-4 and cometchat-uid-5.

Check for an Existing Session

The SDK persists the logged-in user’s session locally. Before calling login(), always check whether a session already exists — this avoids unnecessary login calls and keeps your app responsive.
If getLoggedInUser() returns null, no active session exists and you need to call login().

Login with Auth Key

This straightforward authentication method is ideal for proof-of-concept (POC) development or during the early stages of application development. For production environments, however, we strongly recommend using an Auth Token instead of an Auth Key to ensure enhanced security.
Auth Keys are meant for development and testing only. For production, use Auth Token login instead. Never ship Auth Keys in client-side code.
On success, the onSuccess callback receives a User object containing the logged-in user’s details.
On Success — A User object representing the logged-in user:User Object:
CometChatException:

Login with Auth Token

Auth Token login keeps your Auth Key off the client entirely. Your server generates a token via the REST API and passes it to the client.
  1. Create the user via the REST API when they sign up (first time only).
  2. Generate an Auth Token on your server and return it to the client.
  3. Pass the token to loginWithAuthToken().
On success, the onSuccess callback receives a User object containing the logged-in user’s details.
On Success — A User object representing the logged-in user:User Object:
CometChatException:

Logout

Call logout() when your user logs out of your app. This clears the local session.
On Success — A String message confirming the logout:
CometChatException:

Login Listener

You can listen for login and logout events in real time using LoginListener. This is useful for updating UI state or triggering side effects when the auth state changes.

Add a Listener

Remove a Listener

Always remove login listeners when they’re no longer needed (e.g., on widget disposal or when navigating away). Failing to remove listeners can cause memory leaks and duplicate event handling.

Next Steps

Send Messages

Send your first text, media, or custom message

User Management

Create, update, and manage users in your app

Connection Status

Monitor the SDK connection state in real time

All Real-Time Listeners

Complete reference for all SDK event listeners