Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Native Development


Thank you for visiting the BlackBerry Support Community Forums.

BlackBerry will be closing the BlackBerry Support Community Forums Device Forums on April 1st (Developers, see below)

BlackBerry remains committed to providing excellent customer support to our customers. We are delighted to direct you to the CrackBerry Forums, a well-established and thorough support channel, for continued BlackBerry support. Please visit http://forums.crackberry.com or http://crackberry.com/ask. You can also continue to visit BlackBerry Support or the BlackBerry Knowledge Base for official support options available for your BlackBerry Smartphone.

"When we launched CrackBerry.com 10 years ago, we set out to make it a fun and useful destination where BlackBerry Smartphone owners could share their excitement and learn to unleash the full potential of their BlackBerry. A decade later, the CrackBerry community is as active and passionate as ever and I know our knowledgeable members and volunteers will be excited to welcome and assist more BlackBerry owners with their questions."

- Kevin Michaluk, Founder, CrackBerry.com

Developers, for more information about the BlackBerry Developer Community please review Join the Conversation on the BlackBerry Developer Community Forums found on Inside BlackBerry.


Reply
New Developer
Posts: 13
Registered: ‎12-28-2012
My Device: BB10 Dev Alpha
My Carrier: Simyo
Accepted Solution

Server side BBM user validation.

I'm building a service for my blackberry app. I want users to register to my app using their ppId (https://developer.blackberry.com/cascades/reference/bb__platform__bbm__userprofile.html), so they can login using their different devices.

But since the API calls can receive fake data, I need to check from the server side that the ID that they are sending me is a valid one, and that corresponds to the user name.

 

 

Is there any service to check that?  

BlackBerry Development Advisor
Posts: 15,884
Registered: ‎07-09-2008
My Device: BlackBerry PRIV
My Carrier: Bell

Re: Server side BBM user validation.

You shouldn't receive fake data.  What makes you think that?

Mark Sohm
BlackBerry Development Advisor

Please refrain from posting new questions in solved threads.
Problem solved? Click the Accept As Solution button.
Highlighted
New Developer
Posts: 13
Registered: ‎12-28-2012
My Device: BB10 Dev Alpha
My Carrier: Simyo

Re: Server side BBM user validation.

Any server API is public, so, anyone could use curl to send me a register request with a random generated 'user id', and I wouldn't be able to tell if that is a real user. So, a simple script could create as many users as wanted, the database could be filled with fake users.

 

A way to prevent this would be using the typical email registration process, with a link to validate the users. But I would like to have a way to validate a BBM registered user.

BlackBerry Development Advisor
Posts: 15,884
Registered: ‎07-09-2008
My Device: BlackBerry PRIV
My Carrier: Bell

Re: Server side BBM user validation.

I see what you mean now.  I thought you were referring to fake data coming from the API itself.

 

There isn't anything built into ppid to accommodate this.  You'll need to implement some other kind of security measure within your application so that the server side knows that the request is coming from your application and not some other malicious source.

Mark Sohm
BlackBerry Development Advisor

Please refrain from posting new questions in solved threads.
Problem solved? Click the Accept As Solution button.
New Developer
Posts: 13
Registered: ‎12-28-2012
My Device: BB10 Dev Alpha
My Carrier: Simyo

Re: Server side BBM user validation.

Ok, thanks for the info.