Skip to main content
Required Credentials: App ID (from init), Auth Key (dev) or Auth Token (prod)
Get from: CometChat Dashboard → Your App → API & Auth Keys
After initializing the SDK, the next step is to authenticate your user. CometChat provides two login methods — Auth Key for quick development, and Auth Token for production — both accessed through the login() method.

Before You Log In

Create a User

A user must exist in CometChat before they can log in.
  • During development: Create users from the CometChat Dashboard. Five test users are already available with UIDs cometchat-uid-1 through cometchat-uid-5.
  • In production: Call the Create User REST API when a user signs up in your app.
We have set up 5 users for testing with UIDs: cometchat-uid-1, cometchat-uid-2, cometchat-uid-3, cometchat-uid-4, and cometchat-uid-5.

Check for an Existing Session

The SDK persists the logged-in user’s session locally. Before calling login(), always check whether a session already exists — this avoids unnecessary login calls.
If getLoggedInUser() returns null, no active session exists and you need to call login().
CometChat.init() must be called before any other SDK method. Calling login(), sendMessage(), or registering listeners before init() will fail.
The CometChat SDK maintains the session of the logged-in user within the SDK. You do not need to call the login method for every session. Use CometChat.getLoggedInUser() to check for an existing session first.

Login using Auth Key

This straightforward authentication method is ideal for proof-of-concept (POC) development or during the early stages of application development. For production environments, however, we strongly recommend using an Auth Token instead of an Auth Key to ensure enhanced security.
Auth Key is for development/testing only. In production, generate Auth Tokens on your server using the REST API and pass them to the client. Never expose Auth Keys in production client code.
After the user logs in, their information is returned in the User object.

Login using Auth Token

This advanced authentication procedure does not use the Auth Key directly in your client code, ensuring better security.
  1. Create a User via the CometChat API when the user signs up in your app.
  2. Create an Auth Token via the CometChat API for the new user every time the user logs in to your app.
  3. Pass the Auth Token to your client and use it in the login() method.
After the user logs in, their information is returned in the User object.

Logout

You can use the logout() method to log out the user from CometChat. We suggest you call this method once your user has been successfully logged out from your app.

Login Listener

You can listen for login and logout events in real time using LoginListener. This is useful for updating UI state or triggering side effects when the auth state changes.

Add a Listener

Remove a Listener

Always remove login listeners when they’re no longer needed (e.g., in onDestroy()). Failing to remove listeners can cause memory leaks and duplicate event handling.

Next Steps

Send a Message

Start sending text, media, and custom messages to users and groups

User Management

Retrieve and manage users in your application

Connection Status

Monitor the SDK connection state in real time

Key Concepts

Understand core CometChat concepts and terminology