Tutorial: Signing in and out

Serverless Authentication Signing in and out

The Webcom Authentication Service provides a lot of authentication methods to sign users in to your applications.
By default, only the Webcom email-based login is enabled when creating a new Webcom application. In order to use other authentication methods, they must be explicitly enabled and setup in the "authentication" tab of the Webcom developer console.

Automatic reconnection: when the network connection is lost and returns, the Webcom SDK will automatically re-sign the currently authenticated user in to your application with the Webcom.

Authentication methods classified by usage

Identity Provider Available Authentication methods
Webcom Internal Provider - Guest login
- Email-based login
- Phone-based login
Orange Public Providers - Login with Orange France account
- Implicit mobile network-based login (for Orange projects only)
Orange Corporate Providers
(for Orange projects only)
- IAM DIOD login
- Orange Employee SSO login
Third-Party Providers - Login with Mobile Connect
- Login with Google
- Login with Facebook
- Login with Apple
- Login with Github
- Login with Gitlab
Customizable Third-Party Providers - Login with OIDC compliant providers
- Login with non standard providers

Authentication methods classified by implementation

Method Description
Guest login Authentication without creating an actual account. This method allows to protect users' data for the duration of a "guest" session only.
Webcom internal login Authentication based on email & password, or phone number & one time password.
Mobile implicit login
(for Orange projects only)
Authentication based on the mobile device and the mobile data network used.
OAuth2 login Authentication delegation to an OAuth2.0 compliant third-party identity provider.
Custom login Authentication delegation to an existing specific third-party authentication system. It allows to integrate with any other authentication component.

Sign out

The sign out procedure is common to all authentication methods, it basically consists in "forgetting" the authentication state (and the associated Webcom token) locally on the device. This means that there is no interaction with the Webcom back end and no token is actually revoked. Therefore, the forgotten token is still valid and may be used further on any device.

The following example shows how to use the sign out procedure (replace “<your-app>” with your actual application identifier):

// Create a reference to a Webcom application
var ref = new Webcom("<your-app>");
// Sign out
ref.logout(function (error) {
   if (error) {
     console.log("The sign out failed: " + error.message);
   } else {
     console.log("Signed out successfully!");
    // Create a reference to a Webcom application
    final Webcom ref = new Webcom(new WebcomApp("<your-app>"));
    ref.logout(new OnComplete(){
       public void onComplete() {
            Log.v(TAG,"sign out complete ");
       public void onError(WebcomError error){
            Log.v(TAG,"onError : " + error.getMessage());
} catch (Exception e) {
    Log.e(TAG, e.getMessage(), e);

Coming soon!
In the meanwhile, refer to the iOS API reference