Functionality of Server Code

You can execute server code with the following four methods. Select the method that serves your purpose well.

Method Description
Manual operation Calls server code from the Kii Cloud SDK or the REST API and receives the execution result as a return value.
Trigger-based server hook Calls server code automatically when an event occurs such as an update to a user or a bucket.
Schedule-based server hook Calls server code automatically on a specified time.
Thing-IF trigger Calls server code automatically when state data from a thing satisfies a condition. This is an IoT feature of the Thing-IF SDK.

* For more information about the Thing-IF trigger, see Auto Execution with Triggers.

Server code consists of a JS file that contains a JavaScript program, and a server hook configuration file that contains calling conditions of server hooks. If server code is executed only manually, a server hook configuration file is unnecessary.

The following section introduces benefits of server code by examples of a manual operation and a server hook.

Manual operation

With the manual operation method, you call server code registered on Kii Cloud from the Kii Cloud SDK or the REST API and execute it on the server. The caller receives only the execution result as a response.

You can prevent reverse engineering and unauthorized operations because server code is not distributed among users. Additionally, you can protect data from unauthorized access by restricting the ACL of the data because you can securely call server code with the administrator right. If you allow access to KiiObjects only via server code, you can also hide the process to update KiiObjects.

Example of a secure update

As an example of a secure update, suppose you use server code to manage the highest score of a game. Assume the highest score is updated when the game ends.

When a client requests the server code to update the highest score, the client passes data that gives the evidence for the score, such as when the player reached a checkpoint, in addition to the player's score. You can evaluate the evidence data for any cheating with the server code. You can also prevent unauthorized access including direct updates to KiiObjects by allowing to update the highest score only with the administrator right.

The caller of the server code receives only the result that tells if a new record is set or not.

One of the benefits of server code is higher security.
As stated in this topic, you can prevent reverse engineering of your program and access protected data with the administrator right.

Automatic execution with a server hook

There are two types of automatic execution with a server hook: execution by a trigger-based server hook and that by a schedule-based server hook.

  • With a trigger-based server hook, you can specify server code to be executed when any of the following events occur. Server code is called according to the content of the server hook configuration file.

    Target Event
    Bucket A KiiObject is created, deleted, or updated in the target bucket.
    User A user is created or deleted, a user's email address or phone number is authenticated, a user's password is reset or updated, or a user's attributes are updated.
    Group A group is created or added, or a member is added or removed.
    Thing A thing is registered or unregistered, enabled or disabled, an owner is added or removed, or information of a thing is updated.
    Installation A device is installed or uninstalled for receiving push notifications.
  • With a schedule-based server hook, you can specify server code to be executed and its execution time. The execution time can be set by a combination of a month, a day of the month, hour, minute, and a day of the week, its repetition, or a list of combinations. For example, you can set a simple execution time profile such as every hour as well as a complex one such as every 11:00 and 16:00 on Saturdays and Sundays.

Example of a server hook

As an example of a trigger-based server hook, assume a campaign where a new user can receive a gift in the app. This example calls server code to update data in a new user's scope when the user is created.

In the server hook configuration file, the user creation event is associated with a function in specific server code. When the server code is called, the new user is passed as an argument of the function. Then the server code can update a KiiObject in the user's scope.

With a server hook, you can ensure to perform a specific operation for an event. User creations performed in your Kii Cloud application are all captured without omissions. Moreover, a server hook decreases a risk of incomplete processing caused by a communication error because communications within Kii Cloud are more stable than those between the mobile app and Kii Cloud through public networks and Wi-Fi (Note that a retry logic is required if the operation must be fully performed).

Unlike a mobile app, you do not need to deploy or install server code. You can replace all the previous logics to new ones when a new version of server code is activated. You can immediately enable a business logic that often changes its behaviors like a campaign for all users.

Completeness and operability are also improved by using server code.
As stated in this topic, server code helps to perform operations completely without fail and to immediately update the program without deployment to clients.


Learn more...