Login Solutions (Summary)
Most apps and software products need a login system to reliably identify the user and associate data with a single account over time.
Before you start: confirm with AppInChina
Before beginning any implementation work on your login solution, always confirm your plan with the AppInChina operations and engineering team first.
This gives the AppInChina team time to:
- Decide on a plan of action for account provisioning and configuration (if needed)
- Confirm compliance requirements relevant to your setup
- Align on pricing and any platform-specific considerations
- Identify potential issues early and recommend adjustments
Reaching out early avoids rework and ensures your login integration is set up correctly from the start.
What "login required" means in practice
You may support guest browsing, but once a user performs account-bound actions (for example: saving data, syncing across devices, using subscriptions/entitlements, or accessing personalized content), you must be able to attach those actions to a stable user identity that the user can regain later (across app restarts and, when applicable, across devices).
Minimal capabilities your login system must support
At minimum, your login solution should provide:
- Account creation: users can create an account the first time they need to access account-bound features.
- User login: returning users can authenticate and regain access to the same account.
- Account recovery: users can recover access if they lose credentials (commonly via email or SMS flows).
- Persistent user identity: each authenticated user maps to a stable internal identifier in your system.
- Session / token management: users stay signed in via sessions or refreshable tokens so identity remains stable across sessions.
Guidance for your stable internal user ID
Recommended: create and use an internal user ID that is:
- Stable (does not change over time)
- Unique per user
- Not user-editable
- Not derived from a device identifier (device IDs break restore on device changes)
Avoid using raw PII (like plain phone number or email) as the primary identifier when possible. If your system uses phone/email for login, still prefer generating and storing an internal user ID and using that everywhere internally.
Recommended login solutions
Use this page as a decision/index page, then go to the relevant solution page for detailed pros/cons and official links.
Quick comparison
| Option | Best when | Main trade-off |
|---|---|---|
| Authing | You want a managed identity platform with low implementation overhead | Vendor/platform dependency |
| WeChat Login | Your target users are strongly WeChat-native and you want low-friction login | You still need backend mapping + account linking strategy |
| Custom backend login | You already have a backend and want full control (email/phone/password/OTP) | Highest engineering + security maintenance |
| China cloud identity (CIAM/IDaaS) | You run primarily on Alibaba/Tencent cloud and want a China-first managed identity platform | More vendor coupling; you still need internal userId + account linking |
Authing (recommended default)
We generally recommend Authing as the default login solution for clients who want a managed identity platform.
Authing typically covers:
- Registration and login
- Password or OTP-based authentication (depending on your setup)
- Password reset / account recovery flows
- Token-based sessions
Even when using Authing, you should still maintain a stable internal user ID in your system and treat that as your canonical identifier (for example: user data ownership, entitlements, and cross-service integrations).
WeChat Login
WeChat Login can be a good fit when your audience is strongly aligned with the WeChat ecosystem and you want a low-friction sign-in experience.
Important: you still need a backend mapping from the WeChat identity to a stable internal user ID, so your user data and entitlements remain consistently linked to one account.
China cloud identity (CIAM/IDaaS)
If you run primarily on Alibaba Cloud or Tencent Cloud and your users are mostly in Mainland China, a China-first CIAM/IDaaS platform can reduce time-to-market while keeping identity aligned with your China-region architecture.
You still need to map provider identities to your own stable internal userId and implement account linking if you support multiple login methods.
Summary
To build reliable account-bound features, your app must support a login solution that provides a stable, restorable user identity.
We recommend Authing as the default starting point because it satisfies the minimal requirements with low implementation and maintenance overhead.
Related docs
- If you are integrating with AppInChina Payments, see: Login → Payments integration (customer identity)