The first step in using push notifications is to enable network-level push notifications settings. Please follow the steps below to achieve this.
*Only 'Super Administrator' and 'Administrator' have the ability to disable or enable this feature.
In the Console page, navigate to Settings > Push Notifications
Turn ON the Network Notification Settings toggle button.
Important Note : When the network level settings' toggle is turned off, all chat and social notification events will be turned off immediately.
Double-check that all events such as Chat, Post and Comments are correctly enabled. After the network level settings are turned ON, the notification events can be adjusted individually.
To increase the security of our admin tokens, we have enhanced the ability to generate new admin tokens with shorter expiration time and the ability to revoke admin tokens.
Previously, all generated access tokens had an expiration time of 10 years by default. From now on, the expiration time for all newly generated access tokens will be reduced to 1 year. This new enhancement only affects the newly generated tokens. So if you want a token with a shorter expiration time, you will need to generate a new token through the console.
This is not available for Super Admin.
To retrieve your current admin token:
In the Console, go to Settings > Admin Users
Click the ellipses (...) next to your user name to retrieve your current admin token.
Click the Generate button to generate (create) a new token, which will invalidate the existing token.
Click the Confirm button.
Once the new token is generated, the admin will be notified to get switched from the old token to the new token within 24 hours.
Please remember to generate a new token before it expires. Otherwise, you will get "token expired" error if you use an expired token for API calls.
In case the admin token has been compromised, admin users can now revoke their own admin token, and Super Admins can revoke another admin's token. Revoking tokens are done by passing the username parameter.
After revocation, that admin's token becomes invalid and the admin will be automatically logged out of Console. When that admin logs in again, a new token will be generated. The admin must use this new token for future API calls, otherwise they will receive an "Invalid token' error.
You will encounter error:
When a non-admin tries to revoke any admin token
When the username doesnt exist
Admin can modify various settings for the SDK from this panel. Admin can also see their SDK API and Webhook keys from this panel.
If the Admin wishes to set up their own webhooks, they can do so by adding a URL to the Webhook section. This will generate a secretKey for that URL webhook. Admin will also be able to delete and previous webhook URLs.
For more information, please have a look at our documentation on Real-Time Events
If the Admin wishes to set up push notifications for their SDK; they may do so by uploading a PNS certificate*. Once a push notification is active, Admin can set what events are push notifiable.
*Note: If client has not enabled Push Notifications with Amity before. Please contact us first so that we can set up the preliminary certificate credentials.
Admin can see what certificates are currently active for their Push Notifications. More than one certificate can be uploaded for one platform (i.e. You can have a staging and a production certificate for iOS), however, only one certificate may be active at a time per platform and/or provider.
Admin can upload new certificates:
For more information, please have a look at our documentation on:
IOS Push Notifications
Android Push Notifications
If you want to make request to Amity Social Cloud APIs as an admin, you will need an access token. You can get the Access token from the Admin Users Management section in console.
You must be logged in as an admin to generate an Admin Access token.
The root/super-admin account cannot generate an Admin Access token because you will not be able to see a Settings button if you are logged in using that account.
Once logged in as an admin, you can generate the access token with these steps:
Go to Settings > Admin Users.
3. Click Generate and a token will be generated in the Access Token box.
Admin Access token is valid for ten years. However, it will be invalidated if the admin user is deleted.
Creating safer online communities for all!
Image moderation is a feature that allows all uploaded images on posts and messages to be scanned and moderated for inappropriate, offensive, and unwanted content before images are published.
To this end, we're partnering with Amazon's Rekognition AI technology to detect and moderate images that contain violence, nudity, suggestive, or disturbing content; allowing you to create a safer online community for your users without requiring any human intervention. For more information on how Rekognition works, click here!
Please note that image moderation is disabled by default. Read below for instructions on how to enable image moderation for your network.
The following steps will allow you to enable Image Moderation for your network:
Log into Console
Go to Settings > Image Moderation
Toggle “Allow Image Moderation” to "Yes"
Do note that once you've enabled image moderation, you will need to also set the confidence level for each moderation category. By default, the confidence levels set are "0" for each category. Allowing any one category to be set to '0' confidence level will likely result in all images to be blocked from being uploaded, regardless of whether the image contained any inappropriate elements.
Setting confidence levels at a higher threshold is likely to yield more accurate results when it comes to detecting images for said content. If you specify a confidence value of less than 50, a higher number of false positives are more likely to be returned compared to a higher confidence value. You should only specify a confidence value of less than 50 only when lower confidence detection is acceptable for your use case.
To disable image moderation, simply toggle "Allow Image Moderation" to "No". Any images uploaded will no longer go through the image recognition service, and any inappropriate content will no longer be detected.
Can we set confidence levels for just one category and leave the rest at '0'? Doing so will result in all images being blocked from being uploaded, even if it didn't contain any offensive or unwanted imagery. This is because Amazon Rekognition will scan the uploaded image for all categories (i.e. "Nudity", "Suggestive", "Violence", and "Disturbing) and return a confidence score for each category. If the confidence score returned is equal to or higher than the confidence level set in ASC Console, the image will be blocked. Currently, we don't have a feature to allow image moderation for just one element - but you could try setting different confidence levels for each element to see what works best for your use case.
What happens when an uploaded image is detected to have unwanted imagery? It depends on the confidence threshold set in ASC Console for each moderation category. For example, if your settings are ("Nudity: 99; Suggestive: 80; Violence: 10; Disturbing: 50"), based on the image uploaded, Amazon Rekognition will scan and return a confidence score for each moderation category. If the confidence score returned by Amazon Rekognition equals to, or is higher than the confidence levels set in Console for that category, ASC will block this image from being uploaded, as illustrated below:
Settings in Console: "Nudity: 99; Suggestive: 80; Violence: 10; Disturbing: 50"
Amazon Rekognition Confidence Level for Image Uploaded: "Nudity: 80, Suggestive: 85; Violence: 5; Disturbing: 49"
Image blocked: YES - because the confidence score returned for "Suggestive" category is higher than the confidence threshold set on ASC Console Settings in Console: "Nudity: 99; Suggestive: 80; Violence: 10; Disturbing: 50"
Amazon Rekognition Confidence Level for Image Uploaded: "Nudity: 80, Suggestive: 79; Violence: 5; Disturbing: 49"
Image blocked: NO - because the confidence level returned for all the categories are not equal to or higher than the confidence thresholds set on ASC Console.
The menu dedicated to security asset management such as API Key, Server Key.
With secure mode off, Amity SDK generates an access token on the client side when given a userId and apiKey. This can lead to malicious users abusing the endpoint and spying on someone else's session.
With secure mode on, an additional authentication token that is generated from your own backend server using a separate Server Key is required. You must turn on secure mode in your production system or the system will be vulnerable to such kind of attack.
Amity provides a way to get the server key easily via the ASC Console as followed:
Login to your ASC Console
Go to Setting -> Security
Enable secure mode via the toggle.
4. Click "Generate new server key" to generate your server key
5. Click Continue (please make sure you read the warning message and are aware of the impact)
6. The server key will be shown, please copy and securely store into your backend system. The key will only be shown once.
User must not be a super-admin to be able to generate the key.
Once secure mode is enabled and server key is generated, all client authentication request will require an authentication token and your backend server will need to make a server-to-server call, while passing server key into Amity Social Cloud server in order to get the authentication token. Please follow the following steps to generate auth token:
Client initiates a call to the backend.
For EU and US, you need to specify the region in the endpoint link. For SG, however, it is optional.
Receive the auth token back and find a way to pass it up from server-side to client-side and give it to the SDK.
To use auth token on the client side, please see the Getting Started guide.
An API key will be provided when you create the application.
Open Amity Social Cloud Console.
On the left menu, select Settings to expand its submenu.
Select Security.
On the Security page, you will find the apiKey.
API key does not contain any information of who the user is. It only contains the networkId of the network that the user is in.
There are 2 modes of Authentication:
Unsecure mode
Secure mode
With secure mode disabled, you can connect directly to the Amity server.
The request body contains information about user and devices that he/she use to connect to. If displayName is provide, that user display is updated as well.
If userId doesn't exists, new user will be created.
2. In the Responses, you will find that the server will return an access token in the Response body.
Access token will be valid for one day. However, it will be invalidated if a different user will use the same token to register the same device.
With secure mode enabled, it provides an additional layer of security because it requires server-level authentication.
Provide a userId to get a token for that user
2. The server will return an authentication token in the Response body.
Authentication token will expire after ten minutes.
Banning a user, whether it is on a global or channel level, will not invalidate the token.
4. In the Responses section, you will find that the server will return an access token in the Response body.
Access token will be valid for 30 days. However, it will be invalidated if a different user will use the same token to register the same device.
Mutual Transport Layer Security or mTLS, is a two-way mutual authentication technique. It helps two parties to authenticate at both ends of a network if they have the correct private key. mTLS ensures that the people at both ends of a network connection are who they claim to be.
In the Console, go to Settings > Security tab
Click +Create Certificate option to create the certificate
In order to use this feature, you must first enable "secure mode."
There is a maximum upload of 2 certificates.
Specify the Certificate Name and Certificate Signing Request (CSR)
Certificate Name and Certificate Signing Request fields are mandatory.
Certificate Name can be up to 30 characters.
Activate the mTLS feature
We strongly recommend that you enable the mTLS feature only after the certificate has been created.
Enabling the mTLS feature is optional.
Click the settingsbutton. Admin Settings will pop-up.
Client's servers make a request to endpoint on SDK API server, with server key and userId. Refer to the table below for the correct region code and endpoint.
| Region | Region code | Endpoint |
|---|
1. Call using the API key and user id. Refer to section for the instructions on how to get the API key.
If Secure mode is enabled, you will need the server key. Refer to our documentation on from console.
1. Call using the server key.
3. Call using the returned token.
Access token is different from the authentication token returned when calling .
and will be protected by mTLS and provide an extra layer of security.
Action
Description
Certificate Name
Set the name of the certificate (for Admin tracking purpose)
Platform
Set which platform the certificate is for
Provider (Android Only)
Choose which provider the certificate is for
API Key (Android Only)
Firebase - Server Key , Baidu - API Key & Secret Key
Upload p12 (iOS Only)
Upload the p12 certificate file
Credential Password (iOS Only)
Add the password for the p12 file
Europe | eu | https://api.eu.amity.co/ |
Singapore | sg | https://api.sg.amity.co/ or https://api.amity.co/ |
United States | us | https://api.us.amity.co/ |
