Ditto Basics

Authentication and Initialization

This article provides an introduction to Ditto's methods for authentication, as well as step‑by‑step instructions on how to use the online playground authentication mode to initialize Ditto and start prototyping for hybrid online‑offline sync:

Introduction to Authentication

Ditto's security relies on digital identities for peer-to-peer authentication and access control permissions and privileges. Each instance of Ditto running in your app must prove its identity to other peers before it is allowed to sync.

The following table provides an overview of authentication in Ditto:

Method

Use Case

OnlinePlayground¹

You're ready to explore and test realtime sync capabilities without the commitment using either a demo app or your own development app. (See Try On Ditto: Online Playground)

OnlineWithAuthentication

You've integrated Ditto, integrated a third‑party identity service provider, and are now ready to go into production. (See Platform Manual > Security and OnlineWithAuthentication)

¹Do not use the online playground identity for production-level apps.

The online playground is intended for testing and experimentation purposes only. Deploying playground certificates to a live environment could lead to vulnerabilities and security risks.

Try On Ditto: Online Playground

Using Ditto's online playground identity, you can sync with other peers that share the same app ID and read and write to collections without the hassle of needing to set up your own authentication.

Each instance of Ditto running in your app is assigned a random universally unique identifier (UUID), which is the string of alphanumeric characters that identify your app across Ditto, as well as all other systems and environments.

The online playground is an authentication mode that allows you to explore platform features and functionality without the hassle of setting up your own authentication mechanism.

Before you can sync offline, you must connect to the internet to obtain your playground certificate from the Big Peer. For more information, see Online Playground Identity, as follows.

Online Playground Identity

Before you can sync offline, you must first connect to the internet to retrieve your playground certificate.

Unless you have a specialized use case, such as a government app, you must connect to the internet at least once before you can sync offline with other peers.

For more information, see Authentication.

The playground certificate is an X.509-formatted certificate generated automatically by the Big Peer when a network connection is available. Once you've obtained your playground certificate from the Big Peer, you can go offline and sync with unrestricted platform access for a maximum of one week — reading and writing to all collections and establishing connections with all peers sharing the same app ID.

After one week, however, your playground certificate expires and you lose access to the platform, requiring you to reconnect to the internet so the Big Peer can automatically generate a new playground certificate.

Initializing Ditto and Going Offline

To explore Ditto without the commitment, authenticate using the playground identity:

For additional context, see the SDK Setup Guide for your language.

If you want to use Ditto in an air-gapped environment that is entirely offline or on‑premise, contact Ditto Customer Engineering. (See Support)

1

From the portal, create an app and get your access credentials. For instructions, see Onboarding:

Your access credentials consist of an app ID and playground token:

  • The app ID is a unique identifier that Ditto uses to recognize your app:
    • The Big Peer uses the app ID to identify your app before issuing your playground certificate.
    • Peers that share the same app ID will automatically form a mesh network, using any transports available on their respective devices. For more information, see Platform Manual > Transports.
  • The playground token is a passphrase that Small Peers use to authenticate your digital identity with the Big Peer. Once authenticated, the Big Peer issues a unique JSON Web Token (JWT) to establish and ensure persistence of connection between Small Peers and the Big Peer. As long as the playground token remains active, your connection persists.
2

In the top-most scope of the codebase of your app, set up and initialize Ditto and configure your app to use the online playground for testing.

Swift
Kotlin
JS
Node.js
Java
C#
C++
Rust
Curl




Updated 12 Mar 2024
Did this page help you?