Products Customers Pricing Docs Help Blog
.Net + Xamarin Guide
Browse All Platforms More Platforms

Getting Started

The Parse platform provides a complete backend solution for your mobile application. Our goal is to totally eliminate the need for writing server code or maintaining servers.

If you're familiar with web frameworks like ASP.NET MVC we've taken many of the same principles and applied them to our platform. In particular, our SDK is ready to use out of the box with minimal configuration on your part.

This guide is for the .NET-based version of our SDK. If you are doing Windows 8 development using HTML and JavaScript, please see our JavaScript guide.

If you haven't installed the SDK yet, please head over to the QuickStart guide to get our SDK up and running in Visual Studio or Xamarin Studio. Note that our SDK requires Visual Studio 2012 or Xamarin Studio and targets .NET 4.5 applications, Windows Store apps, Windows Phone 8 apps, and Xamarin.iOS 6.3+ or Xamarin.Android 4.7+ apps. You can also check out our API Reference for more detailed information about our SDK.

Parse's .NET SDK makes heavy use of the Task-based Asynchronous Pattern so that your apps remain responsive. You can use the async and await keywords in C# and Visual Basic to easily use these long-running tasks.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Objects

The ParseObject

Storing data on Parse is built around the ParseObject. Each ParseObject contains key-value pairs of JSON-compatible data. This data is schemaless, which means that you don't need to specify ahead of time what keys exist on each ParseObject. You simply set whatever key-value pairs you want, and our backend will store it.

For example, let's say you're tracking high scores for a game. A single ParseObject could contain:

score: 1337, playerName: "Sean Plott", cheatMode: false

Keys must start with a letter, and can contain alphanumeric characters and underscores. Values can be strings, numbers, booleans, or even arrays and dictionaries - anything that can be JSON-encoded.

Each ParseObject has a class name that you can use to distinguish different sorts of data. For example, we could call the high score object a GameScore. We recommend that you NameYourClassesLikeThis and nameYourKeysLikeThis, just to keep your code looking pretty.

Saving Objects

Let's say you want to save the GameScore described above to the Parse Cloud. The interface is similar to an IDictionary<string, object>, plus the SaveAsync method:

ParseObject gameScore = new ParseObject("GameScore");
gameScore["score"] = 1337;
gameScore["playerName"] = "Sean Plott";
await gameScore.SaveAsync();

After this code runs, you will probably be wondering if anything really happened. To make sure the data was saved, you can look at the Data Browser in your app on Parse. You should see something like this:

objectId: "xWMyZ4YEGZ", score: 1337, playerName: "Sean Plott", cheatMode: false,
createdAt:"2011-06-10T18:33:42Z", updatedAt:"2011-06-10T18:33:42Z"

There are two things to note here. You didn't have to configure or set up a new Class called GameScore before running this code. Your Parse app lazily creates this Class for you when it first encounters it.

There are also a few fields you don't need to specify that are provided as a convenience. ObjectId is a unique identifier for each saved object. CreatedAt and UpdatedAt represent the time that each object was created and last modified in the Parse Cloud. Each of these fields is filled in by Parse, so they don't exist on a ParseObject until a save operation has completed.

Data Types

So far we've used values with type string and int assigned to fields of a ParseObject. Parse also supports fields containing:

You can nest IDictionary<string, T> and IList<T> objects to store more structured data within a single ParseObject.

Some examples:

int number = 42;
string str = "the number is " + number;
DateTime date = DateTime.Now;
byte[] data = System.Text.Encoding.UTF8.GetBytes("foo");
IList<object> list = new List<object> { str, number };
IDictionary<string, object> dictionary = new Dictionary<string, object>
{
    { "number", number },
    { "string", str }
};

var bigObject = new ParseObject("BigObject");
bigObject["myNumber"] = number;
bigObject["myString"] = str;
bigObject["myDate"] = date;
bigObject["myData"] = data;
bigObject["myList"] = list;
bigObject["myDictionary"] = dictionary;
await bigObject.SaveAsync();

We do not recommend storing large pieces of binary data like images or documents using byte[] fields on ParseObject. ParseObjects should not exceed 128 kilobytes in size.

For more information about how Parse handles data, check out our documentation on Data.

Retrieving Objects

Saving data to the cloud is fun, but it's even more fun to get that data out again. If you have the ObjectId, you can retrieve the whole ParseObject using a ParseQuery:

ParseQuery<ParseObject> query = ParseObject.GetQuery("GameScore");
ParseObject gameScore = await query.GetAsync("xWMyZ4YEGZ");

To get the values out of the ParseObject, use the Get<T> method.

int score = gameScore.Get<int>("score");
string playerName = gameScore.Get<string>("playerName");
bool cheatMode = gameScore.Get<bool>("cheatMode");

The three special values are provided as properties:

string objectId = gameScore.ObjectId;
DateTime? updatedAt = gameScore.UpdatedAt;
DateTime? createdAt = gameScore.CreatedAt;

If you need to get an object's latest data from Parse, you can call the FetchAsync method like so:

await myObject.FetchAsync();

Updating Objects

Updating an object is simple. Just set some new data on it and call one of the save methods. For example:

// Create the object.
var gameScore = new ParseObject("GameScore")
{
    { "score", 1337 },
    { "playerName", "Sean Plott" },
    { "cheatMode", false },
    { "skills", new List<string> { "pwnage", "flying" } },
};
await gameScore.SaveAsync();

// Now let's update it with some new data.  In this case, only cheatMode
// and score will get sent to the cloud.  playerName hasn't changed.
gameScore["cheatMode"] = true;
gameScore["score"] = 1338;
await gameScore.SaveAsync();

The client automatically figures out which data has changed so only "dirty" fields will be sent to Parse. You don't need to worry about squashing data that you didn't intend to update.

Counters

The above example contains a common use case. The "score" field is a counter that we'll need to continually update with the player's latest score. Using the above method works but it's cumbersome and can lead to problems if you have multiple clients trying to update the same counter.

To help with storing counter-type data, Parse provides methods that atomically increment (or decrement) any number field. So, the same update can be rewritten as:

gameScore.Increment("score");
await gameScore.SaveAsync();

You can also increment by any amount using Increment(key, amount).

Lists

To help with storing list data, there are three operations that can be used to atomically change a list field:

For example, we can add items to the set-like "skills" field like so:

gameScore.AddRangeUniqueToList("skills", new[] { "flying", "kungfu" });
await gameScore.SaveAsync();

Note that it is not currently possible to atomically add and remove items from a list in the same save. You will have to call save in between every different kind of list operation.

Deleting Objects

To delete an object from the cloud:

await myObject.DeleteAsync();

You can delete a single field from an object with the Remove method:

// After this, the playerName field will be empty
myObject.Remove("playerName");

// Saves the field deletion to the Parse Cloud
await myObject.SaveAsync();

Relational Data

Objects can have relationships with other objects. To model one-to-many relationships, any ParseObject can be used as a value in other ParseObjects. Internally, the Parse framework will store the referred-to object in just one place to maintain consistency.

For example, each Comment in a blogging app might correspond to one Post. To create a new Post with a single Comment, you could write:

// Create the post
var myPost = new ParseObject("Post")
{
    { "title", "I'm Hungry" },
    { "content", "Where should we go for lunch?" }
};

// Create the comment
var myComment = new ParseObject("Comment")
{
    { "content", "Let's do Sushirrito." }
};

// Add a relation between the Post and Comment
myComment["parent"] = myPost;

// This will save both myPost and myComment
await myComment.SaveAsync();

You can also link objects using just their ObjectIds like so:

myComment["parent"] = ParseObject.CreateWithoutData("Post", "1zEcyElZ80");

By default, when fetching an object, related ParseObjects are not fetched. These objects' values cannot be retrieved until they have been fetched like so:

ParseObject post = fetchedComment.Get<ParseObject>("parent");
await post.FetchIfNeededAsync();

For a many-to-many relationship, use the ParseRelation object. This works similar to a List<ParseObject>, except that you don't need to download all the objects in a relation at once. This allows ParseRelation to scale to many more objects than the List<ParseObject> approach. For example, a ParseUser may have many Posts that they might like. In this case, you can store the set of Posts that a ParseUser likes using GetRelation. In order to add a post to the list, the code would look something like:

var user = ParseUser.CurrentUser;
var relation = user.GetRelation<ParseObject>("likes");
relation.Add(post);
await user.SaveAsync();

You can remove a post from the ParseRelation with something like:

relation.Remove(post);

By default, the list of objects in this relation are not downloaded. You can get the list of Posts by using calling FindAsync on the ParseQuery returned by Query. The code would look like:

IEnumerable<ParseObject> relatedObjects = await relation.Query.FindAsync();

If you want only a subset of the Posts you can add extra constraints to the ParseQuery returned by Query like this:

var query = from post in relation.Query
            where post.CreatedAt > DateTime.Now - TimeSpan.FromDays(10)
                  // alternatively, add any other query constraints
            select post;
var relatedObjects = await query.FindAsync();

// or using LINQ
var query = relation.Query
    .WhereGreaterThan("createdAt", DateTime.Now - TimeSpan.FromDays(10));
    // alternatively, add any other query constraints
var relatedObjects = await query.FindAsync();

For more details on ParseQuery please look at the query portion of this guide. A ParseRelation behaves similar to a List<ParseObject>, so any queries you can do on lists of objects you can do on ParseRelations.

Subclasses

Parse is designed to get you up and running as quickly as possible. You can access all of your data using the ParseObject class and access any field with Get<T>(). In mature codebases, subclasses have many advantages, including terseness, extensibility, type-safety, and support for IntelliSense. Subclassing is completely optional, but can transform this code:

// Using dictionary-initialization syntax:
var shield = new ParseObject("Armor")
{
  { "displayName", "Wooden Shield" },
  { "fireproof", false },
  { "rupees", 50 }
};

// And later:
Console.WriteLine(shield.Get<string>("displayName"));
shield["fireproof"] = true;
shield["rupees"] = 500;

Into this:

// Using object-initialization syntax:
var shield = new Armor
{
  DisplayName = "Wooden Shield",
  IsFireproof = false,
  Rupees = 50
};

// And later:
Console.WriteLine(shield.DisplayName);
shield.IsFireproof = true;
shield.Rupees = 500;

Subclassing ParseObject

To create a ParseObject subclass:

  1. Declare a subclass which extends ParseObject.
  2. Add a ParseClassName attribute. Its value should be the string you would pass into the ParseObject constructor, and makes all future class name references unnecessary.
  3. Ensure that your subclass has a public default (i.e. zero-argument) constructor. You must not modify any ParseObject fields in this constructor.
  4. Call ParseObject.RegisterSubclass<YourClass>() in your code before calling ParseClient.Initialize(). The following code sucessfully implements and registers the Armor subclass of ParseObject:
// Armor.cs
using Parse;

[ParseClassName("Armor")]
public class Armor : ParseObject
{
}

// App.xaml.cs
using Parse;

public class App : Application
{
  public App()
  {
    ParseObject.RegisterSubclass<Armor>();
    ParseClient.Initialize(ParseApplicationId, ParseWindowsKey);
  }
}

Properties and Methods

Adding methods and properties to your ParseObject subclass helps encapsulate logic about the class. You can keep all your logic about a subject in one place rather than using separate classes for business logic and storage/transmission logic.

You can add properties for the fields of your ParseObject easily. Declare the getter and setter for the field as you normally would, but implement them in terms of GetProperty<T>() and SetProperty<T>(). Finally, add a ParseFieldName attribute to the property to fully integrate the property with Parse, enabling functionality like LINQ support and automatically raising INotifyPropertyChanged notifications. The following example creates a displayName field in the Armor class:

// Armor.cs
[ParseClassName("Armor")]
public class Armor : ParseObject
{
  [ParseFieldName("displayName")]
  public string DisplayName
  {
    get { return GetProperty<string>(); }
    set { SetProperty<string>(value); }
  }
}

You can now access the displayName field using armor.DisplayName and assign to it using armor.DisplayName = "Wooden Sword". This allows your IDE to provide autocompletion as you develop your app and allows typos to be caught at compile-time.

ParseRelation-typed properties can also be easily defined using GetRelationProperty<T>. For example:

// Armor.cs
[ParseClassName("Armor")]
public class Armor : ParseObject
{
  [ParseFieldName("attribute")]
  public ParseRelation<ArmorAttribute> Attributes
  {
    get { return GetRelationProperty<ArmorAttribute>(); }
  }
}

If you need more complicated logic than simple field access, you can declare your own methods as well:

public void TakeDamage(int amount) {
  // Decrease the armor's durability and determine whether it has broken
  this.Increment("durability", -amount);
  if (this.Durability < 0) {
    this.IsBroken = true;
  }
}

Initializing Subclasses

You should create new instances of your subclasses using the constructors you have defined. Your subclass must define a public default constructor that does not modify fields of the ParseObject, which will be used throughout the Parse SDK to create strongly-typed instances of your subclass.

To create a reference to an existing object, use ParseObject.CreateWithoutData<T>():

var armorReference = ParseObject.CreateWithoutData<Armor>(armor.ObjectId);

Queries

You can get a query for objects of a particular subclass using the generic ParseQuery<T> class. The following example queries for armors that the user can afford:

var query = from armor in new ParseQuery<Armor>()
            where armor.Rupees <= ((Player)ParseUser.CurrentUser).Rupees
            select armor;
IEnumerable<Armor> result = await query.FindAsync();

// or using LINQ
var query = new ParseQuery<Armor>()
    .WhereLessThanOrEqualTo("rupees", ((Player)ParseUser.CurrentUser).Rupees);
IEnumerable<Armor> result = await query.FindAsync();

Note that the ParseQuery LINQ provider understands properties with the ParseFieldName attribute, allowing you to use these strongly-typed properties fluently within your LINQ queries.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Queries

We've already seen how a ParseQuery with GetAsync can retrieve a single ParseObject from Parse. There are many other ways to retrieve data with ParseQuery - you can retrieve many objects at once, put conditions on the objects you wish to retrieve, and more.

Basic Queries

In many cases, GetAsync isn't powerful enough to specify which objects you want to retrieve. The ParseQuery offers different ways to retrieve a list of objects rather than just a single object.

The general pattern is to create a ParseQuery, constraints to it, and then retrieve an IEnumerable of matching ParseObjectss using FindAsync. While ParseQuery supports a method-based approach for building your query, we highly recommend you use LINQ. This allows to use the full power of the LINQ C# and Visual Basic language features to create rich queries over your data.

For example, to retrieve scores with a particular playerName, use a "where" clause to constrain the value for a key.

var query = from gameScore in ParseObject.GetQuery("GameScore")
            where gameScore.Get<string>("playerName") == "Dan Stemkoski"
            select gameScore;
IEnumerable<ParseObject> results = await query.FindAsync();

// or using LINQ
var query = ParseObject.GetQuery("GameScore")
    .WhereEqualTo("playerName", "Dan Stemkoski");
IEnumerable<ParseObject> results = await query.FindAsync();

Query Constraints

There are several ways to put constraints on the objects found by a ParseQuery. You can filter out objects with a particular key-value pair with a LINQ where ... != ... clause or a call to WhereNotEqualTo:

var query = from gameScore in ParseObject.GetQuery("GameScore")
            where gameScore.Get<string>("playerName") != "Michael Yabuti"
            select gameScore;

// or using LINQ
var query = ParseObject.GetQuery("GameScore")
    .WhereNotEqualTo("playerName", "Michael Yabuti");

You can give multiple constraints, and objects will only be in the results if they match all of the constraints. In other words, it's like an AND of constraints.

// The following queries are equivalent:
var query1 = from gameScore in ParseObject.GetQuery("GameScore")
             where !gameScore.Get<string>("playerName").Equals("Michael Yabuti")
             where gameScore.Get<int>("playerAge") > 18
             select gameScore;

var query2 = from gameScore in ParseObject.GetQuery("GameScore")
             where !gameScore.Get<string>("playerName").Equals("Michael Yabuti")
                 && gameScore.Get<int>("playerAge") > 18
             select gameScore;

// or using LINQ
var query = ParseObject.GetQuery("GameScore")
    .WhereNotEqualTo("playerName", "Michael Yabuti")
    .WhereGreaterThan("playerAge", 18);

You can limit the number of results by calling Limit. By default, results are limited to 100, but anything from 1 to 1000 is a valid limit:

query = query.Limit(10); // limit to at most 10 results

If you want exactly one result, a more convenient alternative may be to use FirstAsync or FirstOrDefaultAsync instead of using FindAsync.

var query = from gameScore in ParseObject.GetQuery("GameScore")
            where gameScore.Get<string>("playerEmail") == "dstemkoski@example.com"
            select gameScore;
ParseObject obj = await query.FirstAsync();

// or using LINQ
var query = ParseObject.GetQuery("GameScore")
    .WhereEqualTo("playerEmail", "dstemkoski@example.com");
ParseObject obj = await query.FirstAsync();

You can skip the first results by calling Skip. This can be useful for pagination:

query = query.Skip(10); // skip the first 10 results

For sortable types like numbers and strings, you can control the order in which results are returned:

// Sorts the results in ascending order by score and descending order by playerName
var query = from gameScore in ParseObject.GetQuery("GameScore")
            orderby gameScore.Get<int>("score") descending, gameScore.Get<string>("playerName")
            select gameScore;

// or using LINQ
// Sorts the results in ascending order by score and descending order by playerName
var query = ParseObject.GetQuery("GameScore")
    .OrderBy("score")
    .ThenByDescending("playerName");

For sortable types, you can also use comparisons in queries:

// Restricts to wins < 50
query = from gameScore in query
        where gameScore.Get<int>("wins") < 50
        select gameScore;

// Restricts to wins <= 50
query = from gameScore in query
        where gameScore.Get<int>("wins") <= 50
        select gameScore;

// Restricts to wins > 50
query = from gameScore in query
        where gameScore.Get<int>("wins") > 50
        select gameScore;

// Restricts to wins >= 50
query = from gameScore in query
        where gameScore.Get<int>("wins") >= 50
        select gameScore;

// or using LINQ
// Restricts to wins < 50
query = query.WhereLessThan("wins", 50);

// Restricts to wins <= 50
query = query.WhereLessThanOrEqualTo("wins", 50);

// Restricts to wins > 50
query = query.WhereGreaterThan("wins", 50);

// Restricts to wins >= 50
query = query.WhereGreaterThanOrEqualTo("wins", 50);

If you want to retrieve objects matching several different values, you can use WhereContainedIn or a Contains LINQ query, providing an list of acceptable values. This is often useful to replace multiple queries with a single query. For example, if you want to retrieve scores made by any player in a particular list:

// Finds scores from any of Jonathan, Dario, or Shawn
var names = new[] { "Jonathan Walsh", "Dario Wunsch", "Shawn Simon" };
var query = from gameScore in ParseObject.GetQuery("GameScore")
            where names.Contains(gameScore.Get<string>("playerName"))
            select gameScore;

// or using LINQ
// Finds scores from any of Jonathan, Dario, or Shawn
var names = new[] { "Jonathan Walsh", "Dario Wunsch", "Shawn Simon" };
var query = ParseObject.GetQuery("GameScore")
    .WhereContainedIn("playerName", names);

If you want to retrieve objects that do not match any of several values you can use WhereNotContainedIn or a !Contains LINQ query, providing an list of acceptable values. For example, if you want to retrieve scores from players besides those in a list:

// Finds scores from any of Jonathan, Dario, or Shawn
var names = new[] { "Jonathan Walsh", "Dario Wunsch", "Shawn Simon" };
var query = from gameScore in ParseObject.GetQuery("GameScore")
            where !names.Contains(gameScore.Get<string>("playerName"))
            select gameScore;

// or using LINQ
// Finds scores from any of Jonathan, Dario, or Shawn
var names = new[] { "Jonathan Walsh", "Dario Wunsch", "Shawn Simon" };
var query = ParseObject.GetQuery("GameScore")
    .WhereNotContainedIn("playerName", names);

If you want to retrieve objects that have a particular key set, you can use WhereExists or an ContainsKey LINQ query. Conversely, if you want to retrieve objects without a particular key set, you can use WhereDoesNotExist or an !ContainsKey LINQ query.

// Finds objects that have the score set
var query = from gameScore in ParseObject.GetQuery("GameScore")
            where gameScore.ContainsKey("score")
            select gameScore;

// Finds objects that don't have the score set
var query = from gameScore in ParseObject.GetQuery("GameScore")
            where !gameScore[.ContainsKey("score")
            select gameScore;

// or using LINQ
// Finds objects that have the score set
var query = ParseObject.GetQuery("GameScore")
    .WhereExists("score");

// Finds objects that don't have the score set
var query = ParseObject.GetQuery("GameScore")
    .WhereDoesNotExist("score");

You can use the WhereMatchesKeyInQuery method or a join LINQ query to get objects where a key matches the value of a key in a set of objects resulting from another query. For example, if you have a class containing sports teams and you store a user's hometown in the user class, you can issue one query to find the list of users whose hometown teams have winning records. The query would look like:

var teamQuery = from team in ParseObject.GetQuery("Team")
                where team.Get<double>("winPct") > 0.5
                select team;
var userQuery = from user in ParseUser.Query
                join team in teamQuery on user["hometown"] equals team["city"]
                select user;
IEnumerable<ParseUser> results = await userQuery.FindAsync();
// results will contain users with a hometown team with a winning record

// or using LINQ
var teamQuery = ParseQuery.GetQuery("Team")
    .WhereGreaterThan("winPct", 0.5);
var userQuery = ParseUser.Query
    .WhereMatchesKeyInQuery("hometown", "city", teamQuery);
IEnumerable<ParseUser> results = await userQuery.FindAsync();
// results will contain users with a hometown team with a winning record

Queries on List Values

For keys with an array type, you can find objects where the key's array value contains 2 by:

// Find objects where the list in listKey contains 2.
var query = from obj in ParseObject.GetQuery("MyClass")
            where obj.Get<IList<int>>("listKey").Contains(2)
            select obj;

// or using LINQ
// Find objects where the list in listKey contains 2.
var query = ParseObject.GetQuery("MyClass")
    .WhereEqualTo("listKey", 2);

Queries on String Values

Use WhereStartsWith or a StartsWith LINQ query to restrict to string values that start with a particular string. Similar to a MySQL LIKE operator, this is indexed so it is efficient for large datasets:

// Finds barbecue sauces that start with "Big Daddy's".
var query = from sauce in ParseObject.GetQuery("BarbecueSauce")
            where sauce.Get<string>("name").StartsWith("Big Daddy's")
            select sauce;

// or using LINQ
// Finds barbecue sauces that start with "Big Daddy's".
var query = ParseObject.GetQuery("BarbecueSauce")
    .WhereStartsWith("name", "Big Daddy's");
If you're trying to implement a generic search feature, we recommend taking a look at this blog post: Implementing Scalable Search on a NoSQL Backend.

Relational Queries

There are several ways to issue queries for relational data. If you want to retrieve objects where a field matches a particular ParseObject, you can use WhereEqualTo or a == LINQ query just like for other data types. For example, if each Comment has a Post object in its post field, you can fetch comments for a particular Post:

// Assume ParseObject myPost was previously created.
var query = from comment in ParseObject.GetQuery("Comment")
            where comment["post"] == myPost
            select comment;

var comments = await query.FindAsync();
// comments now contains the comments for myPost

// or using LINQ
// Assume ParseObject myPost was previously created.
var query = ParseObject.GetQuery("Comment")
    .WhereEqualTo("post", myPost);

var comments = await query.FindAsync();
//comments now contains the comments for myPost

You can also do relational queries by ObjectId:

var query = from comment in ParseObject.GetQuery("Comment")
            where comment["post"] == ParseObject.CreateWithoutData("Post", "1zEcyElZ80")
            select comment;

// or using LINQ
var query = ParseObject.GetQuery("Comment")
    .WhereEqualTo("post", ParseObject.CreateWithoutData("Post", "1zEcyElZ80"));

If you want to retrieve objects where a field contains a ParseObject that matches a different query, you can use WhereMatchesQuery or a join LINQ query. Note that the default limit of 100 and maximum limit of 1000 apply to the inner query as well, so with large data sets you may need to construct queries carefully to get the desired behavior. In order to find comments for posts with images, you can do:

var imagePosts = from post in ParseObject.GetQuery("Post")
                 where post.ContainsKey("image")
                 select post;
var query = from comment in ParseObject.GetQuery("Comment")
            join post in imagePosts on comment["post"] equals post
            select comment;

var comments = await query.FindAsync();
// comments now contains the comments for posts with images

// or using LINQ
var imagePosts = ParseObject.GetQuery("Post")
    .WhereExists("image");
var query = ParseObject.GetQuery("Comment")
    .WhereMatchesQuery("post", imagePosts);

var comments = await query.FindAsync();
// comments now contains the comments for posts with images

If you want to retrieve objects where a field contains a ParseObject that does not match a different query, you can use WhereDoesNotMatchQuery. In order to find comments for posts without images, you can do:

var imagePosts = from post in ParseObject.GetQuery("Post")
                 where post.ContainsKey("image")
                 select post;
var query = ParseObject.GetQuery("Comment")
    .WhereDoesNotMatchQuery("post", imagePosts);

var comments = await query.FindAsync();
// comments now contains the comments for posts without images

// or using LINQ
var imagePosts = ParseObject.GetQuery("Post")
    .WhereExists("image");
var query = ParseObject.GetQuery("Comment")
    .WhereDoesNotMatchQuery("post", imagePosts);

var comments = await query.FindAsync();
// comments now contains the comments for posts without images

In some situations, you want to return multiple types of related objects in one query. You can do this with the Include method. For example, let's say you are retrieving the last ten comments, and you want to retrieve their related posts at the same time:

// Retrieve the most recent comments
var query = from comment in ParseObject.GetQuery("Comment")
                                       // Only retrieve the last 10 comments
                                       .Limit(10)
                                       // Include the post data with each comment
                                       .Include("post")
            orderby comment.CreatedAt descending
            select comment;

var comments = await comments.FindAsync();

// Comments now contains the last ten comments, and the "post" field
// contains an object that has already been fetched.  For example:
foreach (var comment in comments)
{
    // This does not require a network access.
    var post = comment.Get<ParseObject>("post");
    Debug.WriteLine("Post title: " + post["title"]);
}

// or using LINQ
// Retrieve the most recent comments
var query = ParseObject.GetQuery("Comment")
    .OrderByDescending("createdAt")
    .Limit(10) // Only retrieve the last 10 comments
    .Include("post"); // Include the post data with each comment

// Only retrieve the last 10 comments
query = query.Limit(10);

// Include the post data with each comment
query = query.Include("post");

var comments = await comments.FindAsync();

// Comments now contains the last ten comments, and the "post" field
// contains an object that has already been fetched.  For example:
foreach (var comment in comments)
{
    // This does not require a network access.
    var post = comment.Get<ParseObject>("post");
    Debug.WriteLine("Post title: " + post["title"]);
}

You can also do multi level includes using dot notation. If you wanted to include the post for a comment and the post's author as well you can do:

query = query.Include("post.author");

You can issue a query with multiple fields included by calling Include multiple times. This functionality also works with ParseQuery helpers like FirstAsync and GetAsync

Counting Objects

Caveat: Count queries are rate limited to a maximum of 160 requests per minute. They can also return inaccurate results for classes with more than 1,000 objects. Thus, it is preferable to architect your application to avoid this sort of count operation (by using counters, for example.)

If you just need to count how many objects match a query, but you do not need to retrieve the objects that match, you can use CountAsync instead of FindAsync. For example, to count how many games have been played by a particular player:

var query = from gameScore in ParseObject.GetQuery("GameScore")
            where gameScore["playerName"] == "Sean Plott"
            select gameScore;
var count = await query.CountAsync();

// or using LINQ
// First set up a callback.
var query = ParseObject.GetQuery("GameScore")
    .WhereEqualTo("playerName", "Sean Plott");
var count = await query.CountAsync();

Compound Queries

If you want to find objects that match one of several queries, you can use the Or method. For instance, if you want to find players with either have a lot of wins or a few wins, you can do:

var lotsOfWins = from player in ParseObject.GetQuery("Player")
                 where player.Get<int>("wins") > 150
                 select player;

var fewWins = from player in ParseObject.GetQuery("Player")
              where player.Get<int>("wins") < 5
              select player;

ParseQuery<ParseObject> query = lotsOfWins.Or(fewWins);

var results = await query.FindAsync();
// results contains players with lots of wins or only a few wins.

// or using LINQ
var lotsOfWins = ParseObject.GetQuery("Player")
    .WhereGreaterThan("wins", 150);

var fewWins = ParseObject.GetQuery("Player")
    .WhereLessThan("wins", 5);

ParseQuery<ParseObject> query = lotsOfWins.Or(fewWins);
// results contains players with lots of wins or only a few wins.

You can add additional constraints to the newly created ParseQuery that act as an 'and' operator.

Note that we do not, however, support GeoPoint or non-filtering constraints (e.g. Near, WhereWithinGeoBox, Limit, Skip, OrderBy..., Include) in the subqueries of the compound query.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Users

At the core of many apps, there is a notion of user accounts that lets users access their information in a secure manner. We provide a specialized user class called ParseUser that automatically handles much of the functionality required for user account management.

With this class, you'll be able to add user account functionality in your app.

ParseUser is a subclass of ParseObject and has all the same features, such as flexible schema, automatic persistence, and a key value interface. All the methods that are on ParseObject also exist in ParseUser. The difference is that ParseUser has some special additions specific to user accounts.

Properties

ParseUser has several properties that set it apart from ParseObject:

We'll go through each of these in detail as we run through the various use cases for users. Keep in mind that if you set Username and Email through these properties, you do not need to set it using the indexer on ParseObject — this is set for you automatically.

Signing Up

The first thing your app will do is probably ask the user to sign up. The following code illustrates a typical sign up:

public async void SignUpButton_Click(object sender, RoutedEventArgs e)
{
    var user = new ParseUser()
    {
        Username = "my name",
        Password = "my pass",
        Email = "email@example.com"
    };

    // other fields can be set just like with ParseObject
    user["phone"] = "415-392-0202";

    await user.SignUpAsync();
}

This call will asynchronously create a new user in your Parse App. Before it does this, it also checks to make sure that both the username and email are unique. Also, it securely hashes the password in the cloud using bcrypt. We never store passwords in plaintext, nor will we ever transmit passwords back to the client in plaintext.

Note that we used the SignUpAsync method, not the SaveAsync method. New ParseUsers should always be created using the SignUpAsync method. Subsequent updates to a user can be done by calling SaveAsync.

If a signup isn't successful, you should catch the exception thrown by the SignUpAsync. The most likely case is that the username or email has already been taken by another user. You should clearly communicate this to your users, and ask them try a different username.

You are free to use an email address as the username. Simply ask your users to enter their email, but fill it in both the Username and Email properties — ParseObject will work as normal. We'll go over how this is handled in the reset password section.

Logging In

Of course, after you allow users to sign up, you need to let them log in to their account in the future. To do this, you can use the class method LogInAsync.

try
{
    await ParseUser.LogInAsync("myname", "mypass");
    // Login was successful.
}
catch (Exception e)
{
    // The login failed. Check the error to see why.
}

Verifying Emails

Enabling email verification in an application's settings allows the application to reserve part of its experience for users with confirmed email addresses. Email verification adds the emailVerified key to the ParseUser object. When a ParseUser's Email is set or modified, emailVerified is set to false. Parse then emails the user a link which will set emailVerified to true.

There are three emailVerified states to consider:

  1. true - the user confirmed his or her email address by clicking on the link Parse emailed them. ParseUsers can never have a true value when the user account is first created.
  2. false - at the time the ParseUser object was last refreshed, the user had not confirmed his or her email address. If emailVerified is false, consider calling FetchAsync on the ParseUser.
  3. missing - the ParseUser was created when email verification was off or the ParseUser does not have an email.

Current User

It would be bothersome if the user had to log in every time they open your app. You can avoid this by using the cached ParseUser.CurrentUser object.

Whenever you use any signup or login methods, the user is cached on disk. You can treat this cache as a session, and automatically assume the user is logged in:

if (ParseUser.CurrentUser != null)
{
    // do stuff with the user
}
else
{
    // show the signup or login screen
}

You can clear the current user by logging them out:

ParseUser.LogOut();
var currentUser = ParseUser.CurrentUser; // this will now be null

Setting the Current User

If you’ve created your own authentication routines, or otherwise logged in a user on the server side, you can now pass the session token to the client and use the become method. This method will ensure the session token is valid before setting the current user.

try
{
  await ParseUser.becomeAsync("session-token-here");
  // The current user is now set to user.
}
catch (Exception e)
{
  // The token could not be validated.
}

Security For User Objects

The ParseUser class is secured by default. Data stored in a ParseUser can only be modified by that user. By default, the data can still be read by any client. Thus, some ParseUser objects are authenticated and can be modified, whereas others are read-only.

Specifically, you are not able to invoke the SaveAsync or DeleteAsync methods unless the ParseUser was obtained using an authenticated method, like LogInAsync or SignUpAsync. This ensures that only the user can alter their own data.

The following illustrates this security policy:

var user = await ParseUser.LogInAsync("my_username", "my_password");
user.Username = "my_new_username"; // attempt to change username
await user.SaveAsync(); // This succeeds, since this user was
                        // authenticated on the device

ParseUser.LogOut();
// Get the user from a non-authenticated method
user = await ParseUser.Query.GetAsync(user.ObjectId);
user.Username = "another_username";

// This will throw an exception, since the ParseUser is not authenticated
await user.SaveAsync();

The ParseUser obtained from Current will always be authenticated.

If you need to check if a ParseUser is authenticated, you can check the IsAuthenticated property. You do not need to check IsAuthenticated with ParseUser objects that are obtained via an authenticated method.

Security For Other Objects

The same security model that applies to the ParseUser can be applied to other objects. For any object, you can specify which users are allowed to read the object, and which users are allowed to modify an object. To support this type of security, each object has an access control list, implemented by the ParseACL class.

The simplest way to use a ParseACL is to specify that an object may only be read or written by a single user. To create such an object, there must first be a logged in ParseUser. Then, the ParseACL constructor generates a ParseACL that limits access to that user. An object's ACL is updated when the object is saved, like any other property. Thus, to create a private note that can only be accessed by the current user:

var privateNote = new ParseObject("Note");
privateNote["content"] = "This note is private!";
privateNote.ACL = new ParseACL(ParseUser.CurrentUser);
await privateNote.SaveAsync();

This note will then only be accessible to the current user, although it will be accessible to any device where that user is signed in. This functionality is useful for applications where you want to enable access to user data across multiple devices, like a personal todo list.

Permissions can also be granted on a per-user basis. You can add permissions individually to a ParseACL using SetReadAccess and SetWriteAccess. For example, let's say you have a message that will be sent to a group of several users, where each of them have the rights to read and delete that message:

var groupMessage = new ParseObject("Message");
var groupACL = new ParseACL();

// userList is an IEnumerable<ParseUser> with the users we are sending
// this message to.
foreach (var user in userList)
{
    groupACL.SetReadAccess(user, true);
    groupACL.SetWriteAccess(user, true);
}

groupMessage.ACL = groupACL;
await groupMessage.SaveAsync();

You can also grant permissions to all users at once using the PublicReadAccess and PublicWriteAccess properties. This allows patterns like posting comments on a message board. For example, to create a post that can only be edited by its author, but can be read by anyone:

var publicPost = new ParseObject("Post");
var postACL = new ParseACL(ParseUser.CurrentUser)
{
    PublicReadAccess = true,
    PublicWriteAccess = false
};
publicPost.ACL = postACL;
await publicPost.SaveAsync();

Operations that are forbidden, such as deleting an object that you do not have write access to, result in a ParseException with a ObjectNotFound error code. For security purposes, this prevents clients from distinguishing which object ids exist but are secured, versus which object ids do not exist at all.

Resetting Passwords

As soon as you introduce passwords into a system, users will forget them. In such cases, our library provides a way to let them securely reset their password.

To kick off the password reset flow, ask the user for their email address, and call:

await ParseUser.RequestPasswordResetAsync("email@example.com");

This will attempt to match the given email with the user's email or username field, and will send them a password reset email. By doing this, you can opt to have users use their email as their username, or you can collect it separately and store it in the email field.

The flow for password reset is as follows:

  1. User requests that their password be reset by typing in their email.
  2. Parse sends an email to their address, with a special password reset link.
  3. User clicks on the reset link, and is directed to a special Parse page that will allow them type in a new password.
  4. User types in a new password. Their password has now been reset to a value they specify.

Note that the messaging in this flow will reference your app by the name that you specified when you created this app on Parse.

Querying

To query for users, you need to use the special user query:

var women = await (from user in ParseUser.Query
                   where user.Get<string>("gender") == "female"
                   select user).FindAsync();

// or using LINQ
var women = await ParseUser.Query
    .WhereEqualTo("gender", "female")
    .FindAsync();

In addition, you can use GetAsync to get a ParseUser by id.

Associations

Associations involving a ParseUser work right out of the box. For example, let's say you're making a blogging app. To store a new post for a user and retrieve all their posts:

// Make a new post
var post = new ParseObject("Post")
{
    { "title", "My New Post" },
    { "body", "This is some great content." },
    { "user", ParseUser.CurrentUser }
};
await post.SaveAsync();

// Find all posts by the current user
var usersPosts = await (from post in ParseObject.GetQuery("Post")
                        where post.Get<ParseUser>("user") == ParseUser.CurrentUser
                        select post).FindAsync();

// or using LINQ
// Make a new post
var post = new ParseObject("Post")
{
    { "title", "My New Post" },
    { "body", "This is some great content." },
    { "user", ParseUser.CurrentUser }
};
await post.SaveAsync();

// Find all posts by the current user
var usersPosts = await ParseObject.GetQuery("Post")
    .WhereEqualTo("user", ParseUser.CurrentUser)
    .FindAsync();

Facebook Users

Parse provides an easy way to integrate Facebook with your application. The ParseFacebookUtils class integrates with ParseUser to make linking your users to their Facebook identities easy.

Using our Facebook integration, you can associate an authenticated Facebook user with a ParseUser. With just a few lines of code, you'll be able to provide a "log in with Facebook" option in your app, and be able to save their data to Parse.

Setup

To start using Facebook with Parse, you need to:

  1. Set up a Facebook app, if you haven't already. In the "Advanced" tab of your app's settings page, Make sure that your app's "App Type" (in the "Authentication" section) is set to "Native/Desktop".
  2. Add your application's Facebook Application ID on your Parse application's settings page.
  3. In your Application constructor, call ParseFacebookUtils.Initialize() with your Facebook App ID:
    public App()
    {
    // App.xaml initialization
    ParseClient.Initialize("Your Application ID", "Your .NET Key");
    ParseFacebookUtils.Initialize("Your Facebook App Id");
    // Other initialization
    }
    

There are two main ways to use Facebook with your Parse users: (1) logging in as a Facebook user and creating a ParseUser, or (2) linking Facebook to an existing ParseUser.

It is up to you to record any data that you need from the Facebook user after they authenticate. To accomplish this, you can use Microsoft's Facebook SDK.

Login & Signup

ParseFacebookUtils provides a way to allow your ParseUsers to log in or sign up through Facebook. This is accomplished using the LogInAsync() method. To display Facebook's web browser OAuth flow to your users, you'll need to pass LogInAsync a web browser control (which you'll usually define in XAML) and dismiss it when you've completed login:

// Make your browser control visible
ParseUser user = await ParseFacebookUtils.LogInAsync(browser, null);
// Hide your browser control

When this code is run, the following happens:

  1. The user is shown the Facebook login dialog.
  2. The user authenticates via Facebook, and your app receives a callback.
  3. Our SDK receives the user's Facebook access data and saves it to a ParseUser. If no ParseUser exists with the same Facebook ID, then a new ParseUser is created.
  4. The awaited Task completes and your code continues executing.
  5. The current user reference will be updated to this user.

You may optionally provide a list of strings that specifies what permissions your app requires from the Facebook user. For example:

// Make your browser control visible
try
{
    ParseUser user = await ParseFacebookUtils.LogInAsync(
        browser, new[] { "user_likes", "email" });
    // The user logged in with Facebook!
}
catch
{
    // User cancelled the Facebook login or did not fully authorize.
}
// Hide your browser control

ParseUser integration doesn't require any permissions to work out of the box (ie. null or specifying no permissions is perfectly acceptable). Read more about permissions on Facebook's developer guide.

Linking

If you want to associate an existing ParseUser with a Facebook account, you can link it like so:

if (!ParseFacebookUtils.IsLinked(user))
{
    // Make your browser control visible
    try
    {
        await ParseFacebookUtils.LinkAsync(user, browser, null);
        // The user logged in with Facebook!
    }
    catch
    {
        // User cancelled the Facebook login or did not fully authorize.
    }
    // Hide your browser control
}

The steps that happen when linking are very similar to log in. The difference is that on successful login, the existing ParseUser is updated with the Facebook information. Future logins via Facebook will now log the user into their existing account.

If you want to unlink a Facebook account from a user, simply do this:

await ParseFacebookUtils.UnlinkAsync(user);

Single Sign-on for Windows 8

WinRT lets you implement single sign-on with Facebook using its [WebAuthenticationBroker](http://msdn.microsoft.com/library/windows/apps/br227025) API. This allows users to log into Facebook once and then share that login across all of their apps, so they don't have to re-enter their username and password for every app.

Parse supports single sign-on with Facebook using this mechanism. Adding it to your app requires just two steps:

  1. Add your app's Package Security Identifier to your Facebook App settings page under "Windows Store ID". You can easily get this ID by calling:
    WebAuthenticationBroker.GetCurrentApplicationCallbackUri().AbsoluteUri
    
    The identifier is everything after "ms-app://".
  2. Instead of showing and hiding a browser control as described above, use the simpler ParseFacebookUtils APIs that take only a list of permissions:

    // Log into Facebook using Single Sign-on
    ParseUser user = await ParseFacebookUtils.LogInAsync(permissions);
    
    // Link the current user to Facebook using Single Sign-on
    await ParseFacebookUtils.LinkAsync(ParseUser.CurrentUser, permissions);
    

Single Sign-on for Windows Phone

The Facebook app for Windows Phone makes signing into apps with Facebook easy for users by providing a mechanism for single sign-on. Once a user has signed into the Facebook app on their device, when they sign into apps that use Facebook login, they will not need to re-enter their email address and password for each app. This works by temporarily navigating to the Facebook app in order to provide authorization for the app logging in.

Parse supports single sign-on using this mechanism. To add support to your app:

  1. You will need to locate your app's product ID. During development, you can find this in your app's WMAppManifest.xml. When you submit your app to the store for the first time, your app will be assigned a new product ID, which you'll need to add to your app as described below. Whenever you use your product ID while following this guide, you should remove any of the following characters: '-', '{', '}'.
  2. You will need to configure your WMAppManifest.xml file as described here.aspx#BKMK_URIassociations) to have your app handle URIs with the following protocol:
    <Protocol Name="msft-{ProductId}"
          NavUriFragment="encodedLaunchUri=%s"
          TaskID="_default" />
    
  3. Add your product ID to your Facebook app settings page under "Windows Phone Store ID".
  4. Add the following code to your application's App.xaml.cs in the InitializePhoneApplication() method:

    RootFrame.Navigating += async (sender, e) =>
    {
    if (ParseFacebookUtils.IsLogInRedirect(e.Uri))
    {
        // This code is called when the Facebook app returns control to your app.
        // You must provide a landing page URI, which ParseFacebookUtils will
        // navigate to as it waits for the user to be created or logged into
        // your Parse app.
        var user = await ParseFacebookUtils.EndLogInAsync(sender,
            e, new Uri("/LandingPage.xaml", UriKind.Relative));
    
            // If you await the return value of this method, you can begin using the
        // new user once it becomes available or catch any errors.
    }
    };
    
  5. To initiate Facebook a Facebook login (and switch to the Facebook app), add the following code:
ParseFacebookUtils.BeginLogin(permissions);

Facebook SDK and Parse

Microsoft provides an open-source SDK for making Graph API requests to Facebook. The SDK is available on NuGet, and you can learn more about it from their website.

To use the Facebook SDK to fetch information about the current user, for example, you would install it using NuGet and then write code similar to this:

var fb = new FacebookClient();
fb.AccessToken = ParseFacebookUtils.AccessToken;
var me = await fb.GetTaskAsync("me");

With the AccessToken provided by ParseFacebookUtils, you should be able to use your choice of 3rd party Facebook SDKs to interact with Facebook on behalf of your user.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Sessions

Sessions represent an instance of a user logged into a device. Sessions are automatically created when users log in or sign up. They are automatically deleted when users log out. There is one distinct ParseSession object for each user-installation pair; if a user issues a login request from a device they're already logged into, that user's previous ParseSession object for that Installation is automatically deleted. ParseSession objects are stored on Parse in the Session class, and you can view them on the Parse.com Data Browser. We provide a set of APIs to manage ParseSession objects in your app.

Session APIs are only available in apps with revocable sessions enabled. Parse apps created after March 25, 2015 have this enabled by default ("Require Revocable Sessions" toggle in your Parse.com app settings page). If you have an existing app, you can upgrade to revocable sessions by following the Session Migration Tutorial.

ParseSession is a subclass of ParseObject, so you can query, update, and delete sessions in the same way that you manipulate normal objects on Parse. Because the Parse Cloud automatically creates sessions when you log in or sign up users, you should not manually create ParseSession objects unless you are building a "Parse for IoT" app (e.g. Arduino or Embedded C). Deleting a ParseSession will log the user out of the device that is currently using this session's token.

Unlike other Parse objects, the ParseSession class does not have Cloud Code triggers. So you cannot register a beforeSave or afterSave handler for the Session class.

Properties

The ParseSession object has these special fields:

Handling Invalid Session Token Error

Apps created before March 25, 2015 use legacy session tokens until you migrate them to use the new revocable sessions. On API requests with legacy tokens, if the token is invalid (e.g. User object was deleted), then the request is executed as a non-logged in user and no error was returned. On API requests with revocable session tokens, an invalid session token will always fail with the "invalid session token" error. This new behavior lets you know when you need to ask the user to log in again.

With revocable sessions, your current session token could become invalid if its corresponding ParseSession object is deleted from the Parse Cloud. This could happen if you implement a Session Manager UI that lets users log out of other devices, or if you manually delete the session via Cloud Code, REST API, or Data Browser. Sessions could also be deleted due to automatic expiration (if configured in app settings). When a device's session token no longer corresponds to a ParseSession object on the Parse Cloud, all API requests from that device will fail with “Error 209: invalid session token”.

To handle this error, we recommend writing a global utility function that is called by all of your Parse request error callbacks. You can then handle the "invalid session token" error in this global function. You should prompt the user to login again so that they can obtain a new session token. This code could look like this:

@interface ParseErrorHandlingController : NSObject

+ (void)handleParseError:(NSError *)error;

@end

@implementation ParseErrorHandlingController

+ (void)handleError:(NSError *)error {
  if (![error.domain isEqualToString:PFParseErrorDomain]) {
    return;
  }

  switch (error.code) {
    case kPFErrorInvalidSessionToken: {
      [self _handleInvalidSessionTokenError];
      break;
    }
    ... // Other Parse API Errors that you want to explicitly handle.
  }
}

+ (void)_handleInvalidSessionTokenError {
  //--------------------------------------
  // Option 1: Show a message asking the user to log out and log back in.
  //--------------------------------------
  // If the user needs to finish what they were doing, they have the opportunity to do so.
  //
  // UIAlertView *alertView = [[UIAlertView alloc] initWithTitle:@"Invalid Session"
  //                                                     message:@"Session is no longer valid, please log out and log in again."
  //                                                    delegate:self
  //                                           cancelButtonTitle:@"Not Now"
  //                                           otherButtonTitles:@"OK"];
  // [alertView show];

  //--------------------------------------
  // Option #2: Show login screen so user can re-authenticate.
  //--------------------------------------
  // You may want this if the logout button is inaccessible in the UI.
  //
  // UIViewController *presentingViewController = [[UIApplication sharedApplication].keyWindow.rootViewController;
  // PFLogInViewController *logInViewController = [[PFLogInViewController alloc] init];
  // [presentingViewController presentViewController:logInViewController animated:YES completion:nil];
}

@end

// In all API requests, call the global error handler, e.g.
[[PFQuery queryWithClassName:@"Object"] findInBackgroundWithBlock:^(NSArray *objects, NSError *error) {
  if (!error) {
    // Query succeeded - continue your app logic here.
  } else {
    // Query failed - handle an error.
    [ParseErrorHandlingController handleParseError:error];
  }
}];
class ParseErrorHandlingController {
  class func handleParseError(error: NSError) {
    if error.domain != PFParseErrorDomain {
      return
    }

    switch (error.code) {
    case kPFErrorInvalidSessionToken:
      handleInvalidSessionTokenError()

    ... // Other Parse API Errors that you want to explicitly handle.
  }

  private class func handleInvalidSessionTokenError() {
    //--------------------------------------
    // Option 1: Show a message asking the user to log out and log back in.
    //--------------------------------------
    // If the user needs to finish what they were doing, they have the opportunity to do so.
    //
    // let alertView = UIAlertView(
    //   title: "Invalid Session",
    //   message: "Session is no longer valid, please log out and log in again.",
    //   delegate: nil,
    //   cancelButtonTitle: "Not Now",
    //   otherButtonTitles: "OK"
    // )
    // alertView.show()

    //--------------------------------------
    // Option #2: Show login screen so user can re-authenticate.
    //--------------------------------------
    // You may want this if the logout button is inaccessible in the UI.
    //
    // let presentingViewController = UIApplication.sharedApplication().keyWindow?.rootViewController
    // let logInViewController = PFLogInViewController()
    // presentingViewController?.presentViewController(logInViewController, animated: true, completion: nil)
  }
}

// In all API requests, call the global error handler, e.g.
let query = PFQuery(className: "Object")
query.findObjectsInBackgroundWithBlock { (objects: [AnyObject]!, error: NSError!) -> Void in
  if error == nil {
    // Query Succeeded - continue your app logic here.
  } else {
    // Query Failed - handle an error.
    ParseErrorHandlingController.handleParseError(error)
  }
}
public class ParseErrorHandler {
  public static void handleParseError(ParseException e) {
    switch (e.getCode()) {
      case INVALID_SESSION_TOKEN: handleInvalidSessionToken()
        break;

      ... // Other Parse API errors that you want to explicitly handle
    }
  }

  private static void handleInvalidSessionToken() {
    //--------------------------------------
    // Option 1: Show a message asking the user to log out and log back in.
    //--------------------------------------
    // If the user needs to finish what they were doing, they have the opportunity to do so.
    //
    // new AlertDialog.Builder(getActivity())
    //   .setMessage("Session is no longer valid, please log out and log in again.")
    //   .setCancelable(false).setPositiveButton("OK", ...).create().show();

    //--------------------------------------
    // Option #2: Show login screen so user can re-authenticate.
    //--------------------------------------
    // You may want this if the logout button could be inaccessible in the UI.
    //
    // startActivityForResult(new ParseLoginBuilder(getActivity()).build(), 0);
  }
});

// In all API requests, call the global error handler, e.g.
query.findInBackground(new FindCallback<ParseObject>() {
  public void done(List<ParseObject> results, ParseException e) {
    if (e == null) {
      // Query successful, continue other app logic
    } else {
      // Query failed
      ParseErrorHandler.handleParseError(e);
    }
  }
});
function handleParseError(err) {
  switch (err.code) {
    case Parse.Error.INVALID_SESSION_TOKEN:
      Parse.User.logOut();
      ... // If web browser, render a log in screen
      ... // If Express.js, redirect the user to the log in route
      break;

    ... // Other Parse API errors that you want to explicitly handle
  }
}

// For each API request, call the global error handler
query.find().then(function() {
  ...
}, function(err) {
  handleParseError(err);
});
public class ParseErrorHandler {
  public static void HandleParseError(ParseException e) {
    switch (e.Code) {
      case ParseException.ErrorCode.InvalidSessionToken:
        HandleInvalidSessionToken()
        break;

      ... // Other Parse API errors that you want to explicitly handle
    }
  }

  private static void HandleInvalidSessionToken() {
    //--------------------------------------
    // Option 1: Show a message asking the user to log out and log back in.
    //--------------------------------------
    // If the user needs to finish what they were doing, they have the opportunity to do so.

    //--------------------------------------
    // Option #2: Show login screen so user can re-authenticate.
    //--------------------------------------
    // You may want this if the logout button is inaccessible in the UI.
  }
});

// In all API requests, call the global error handler, e.g.
query.FindAsync().ContinueWith(t => {
  if (t.IsFaulted) {
    // Query Failed - handle an error.
    ParseErrorHandler.HandleParseError(t.Exception.InnerException as ParseException);
  } else {
    // Query Succeeded - continue your app logic here.
  }
});
public class ParseErrorHandler {
  public static handleParseError(ParseException $e) {
    $code = $e->getCode();
    switch ($code) {
      case: 209: // INVALID_SESSION_TOKEN
        ParseUser::logOut();
        ... // Redirect the to login page.
        break;

      ... // Other Parse API errors that you want to explicitly handle
    }
  }
});

// For each API request, call the global error handler
try {
  $results = $query->find();
  // ...
} catch (ParseException $e) {
  ParseErrorHandler::handleParseError($e)
}

Security

ParseSession objects can only be accessed by the user specified in the user field. All ParseSession objects have an ACL that is read and write by that user only. You cannot change this ACL. This means querying for sessions will only return objects that match the current logged-in user.

When you log in a user via ParseUser.LogInInBackground(), Parse will automatically create a new unrestricted ParseSession object in the Parse Cloud. Same for signups and Facebook/Twitter logins.

Session objects manually created from client SDKs (by creating an instance of ParseSession, and saving it) are always restricted. You cannot manually create an unrestricted sessions using the object creation API.

Restricted sessions are prohibited from creating, modifying, or deleting any data in the ParseUser, ParseSession, and ParseRole classes. Restricted session also cannot read unrestricted sessions. Restricted Sessions are useful for "Parse for IoT" devices (e.g Arduino or Embedded C) that may run in a less-trusted physical environment than mobile apps. However, please keep in mind that restricted sessions can still read data on ParseUser, ParseSession, and ParseRole classes, and can read/write data in any other class just like a normal session. So it is still important for IoT devices to be in a safe physical environment and ideally use encrypted storage to store the session token.

If you want to prevent restricted Sessions from modifying classes other than ParseUser, ParseSession, or ParseRole, you can write a Cloud Code beforeSave handler for that class:

Parse.Cloud.beforeSave("MyClass", function(request, response) {
  Parse.Session.current().then(function(session) {
    if (session.get('restricted')) {
      response.error('write operation not allowed');
    }
    response.success();
  });
});

You can configure Class-Level Permissions (CLPs) for the Session class just like other classes on Parse. CLPs restrict reading/writing of sessions via the ParseSession API, but do not restrict Parse Cloud's automatic session creation/deletion when users log in, sign up, and log out. We recommend that you disable all CLPs not needed by your app. Here are some common use cases for Session CLPs:

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Roles

As your app grows in scope and user-base, you may find yourself needing more coarse-grained control over access to pieces of your data than user-linked ACLs can provide. To address this requirement, Parse supports a form of Role-based Access Control. Roles provide a logical way of grouping users with common access privileges to your Parse data. Roles are named objects that contain users and other roles. Any permission granted to a role is implicitly granted to its users as well as to the users of any roles that it contains.

For example, in your application with curated content, you may have a number of users that are considered "Moderators" and can modify and delete content created by other users. You may also have a set of users that are "Administrators" and are allowed all of the same privileges as Moderators, but can also modify the global settings for the application. By adding users to these roles, you can ensure that new users can be made moderators or administrators, without having to manually grant permission to every resource for each user.

We provide a specialized class called ParseRole that represents these role objects in your client code. ParseRole is a subclass of ParseObject, and has all of the same features, such as a flexible schema, automatic persistence, and a key value interface. All the methods that are on ParseObject also exist on ParseRole. The difference is that ParseRole has some additions specific to management of roles.

Properties

ParseRole has several properties that set it apart from ParseObject:

Security for Role Objects

The ParseRole uses the same security scheme (ACLs) as all other objects on Parse, except that it requires an ACL to be set explicitly. Generally, only users with greatly elevated privileges (e.g. a master user or Administrator) should be able to create or modify a Role, so you should define its ACLs accordingly. Remember, if you give write-access to a ParseRole to a user, that user can add other users to the role, or even delete the role altogether.

To create a new ParseRole, you would write:

// By specifying no write privileges for the ACL, we can ensure the role cannot be altered.
var roleACL = new ParseACL()
roleACL.PublicReadAccess = true;
var role = new ParseRole("Administrator", roleACL);
await role.SaveAsync();

You can add users and roles that should inherit your new role's permissions through the "users" and "roles" relations on ParseRole:

var role = new ParseRole(roleName, roleACL);
foreach (ParseUser user in usersToAddToRole)
{
    role.Users.Add(user);
}
foreach (ParseRole childRole in rolesToAddToRole)
{
    role.Roles.Add(childRole);
}
await role.SaveAsync();

Take great care when assigning ACLs to your roles so that they can only be modified by those who should have permissions to modify them.

Security for Other Objects

Now that you have created a set of roles for use in your application, you can use them with ACLs to define the privileges that their users will receive. Each ParseObject can specify a ParseACL, which provides an access control list that indicates which users and roles should be granted read or write access to the object.

Giving a role read or write permission to an object is straightforward. You can either use the ParseRole:

var moderators = await (from role in ParseRole.Query
                        where role.Name == "Moderators"
                        select role).FirstAsync();
var wallPost = new ParseObject("WallPost");
var postACL = new ParseACL();
postACL.SetRoleWriteAccess(moderators, true);
wallPost.ACL = postACL;
await wallPost.SaveAsync();

You can avoid querying for a role by specifying its name for the ACL:

var wallPost = new ParseObject("WallPost");
var postACL = new ParseACL();
postACL.SetRoleWriteAccess("Moderators", true);
wallPost.ACL = postACL;
await wallPost.SaveAsync();

Role Hierarchy

As described above, one role can contain another, establishing a parent-child relationship between the two roles. The consequence of this relationship is that any permission granted to the parent role is implicitly granted to all of its child roles.

These types of relationships are commonly found in applications with user-managed content, such as forums. Some small subset of users are "Administrators", with the highest level of access to tweaking the application's settings, creating new forums, setting global messages, and so on. Another set of users are "Moderators", who are responsible for ensuring that the content created by users remains appropriate. Any user with Administrator privileges should also be granted the permissions of any Moderator. To establish this relationship, you would make your "Administrators" role a child role of "Moderators", like this:

ParseRole administrators = /* Your "Administrators" role */;
ParseRole moderators = /* Your "Moderators" role */;
moderators.Roles.Add(administrators);
await moderators.SaveAsync();
Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Files

The ParseFile

ParseFile lets you store application files in the cloud that would otherwise be too large or cumbersome to fit into a regular ParseObject. The most common use case is storing images but you can also use it for documents, videos, music, and any other binary data (up to 10 megabytes).

Getting started with ParseFile is easy. First, you'll need to have the data in byte[] or Stream form and then create a ParseFile with it. In this example, we'll just use a string:

byte[] data = System.Text.Encoding.UTF8.GetBytes("Working at Parse is great!");
ParseFile file = new ParseFile("resume.txt", data);

Notice in this example that we give the file a name of resume.txt. There's two things to note here:

Next you'll want to save the file up to the cloud. As with ParseObject, you can call SaveAsync to save the file to Parse.

await file.SaveAsync();

Finally, after the save completes, you can assign a ParseFile into a ParseObject just like any other piece of data:

var jobApplication = new ParseObject("JobApplication");
jobApplication["applicantName"] = "Joe Smith";
jobApplication["applicantResumeFile"] = file;
await jobApplication.SaveAsync();

Retrieving it back involves downloading the resource at the ParseFile's Url. Here we retrieve the resume file off another JobApplication object:

var applicantResumeFile = anotherApplication.Get<ParseFile>("applicantResumeFile");
string resumeText = await new HttpClient().GetStringAsync(applicantResumeFile.Url);

Progress

It's easy to get the progress of ParseFile uploads by passing a Progress object to SaveAsync. For example:

byte[] data = System.Text.Encoding.UTF8.GetBytes("Working at Parse is great!");
ParseFile file = new ParseFile("resume.txt", data);

await file.SaveAsync(new Progress<ParseUploadProgressEventArgs>(e => {
    // Check e.Progress to get the progress of the file upload
}));

You can delete files that are referenced by objects using the REST API. You will need to provide the master key in order to be allowed to delete a file.

If your files are not referenced by any object in your app, it is not possible to delete them through the REST API. You may request a cleanup of unused files in your app's Settings page. Keep in mind that doing so may break functionality which depended on accessing unreferenced files through their URL property. Files that are currently associated with an object will not be affected.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

GeoPoints

Parse allows you to associate real-world latitude and longitude coordinates with an object. Adding a ParseGeoPoint to a ParseObject allows queries to take into account the proximity of an object to a reference point. This allows you to easily do things like find out what user is closest to another user or which places are closest to a user.

ParseGeoPoint

To associate a point with an object you first need to create a ParseGeoPoint. For example, to create a point with latitude of 40.0 degrees and -30.0 degrees longitude:

var point = new ParseGeoPoint(40.0, -30.0);

This point is then stored in the object as a regular field.

placeObject["location"] = point;

Note: Currently only one key in a class may be a ParseGeoPoint.

Geo Queries

Now that you have a bunch of objects with spatial coordinates, it would be nice to find out which objects are closest to a point. This can be done by adding another restriction to a ParseQuery using WhereNear. Getting a list of ten places that are closest to a user may look something like:

// User's location
var userGeoPoint = ParseUser.CurrentUser.Get<ParseGeoPoint>("location");
// Create a query for places
var query = ParseObject.GetQuery("PlaceObject");
//Interested in locations near user.
query = query.WhereNear("location", userGeoPoint);
// Limit what could be a lot of points.
query = query.Limit(10);
// Final list of nearby places
var placeObjects = await query.FindAsync();

At this point placesObjects will be an IEnumerable<ParseObject> of PlaceObjects ordered by distance (nearest to farthest) from userGeoPoint.

To limit the results using distance check out WhereWithinDistance,.

It's also possible to query for the set of objects that are contained within a particular area. To find the objects in a rectangular bounding box, add the WhereWithinGeoBox restriction to your ParseQuery.

var swOfSF = new ParseGeoPoint(37.708813, -122.526398);
var neOfSF = new ParseGeoPoint(37.822802, -122.373962);
var query = ParseObject.GetQuery("PizzaPlaceObject")
    .WhereWithinGeoBox("location", swOfSF, neOfSF);
var pizzaPlacesInSF = await query.FindAsync();

Geo Distances

Parse makes it easy to find the distance between two GeoPoints and query based upon that distance. For example, to get a distance in kilometers between two points, you can use the DistanceTo method:

ParseGeoPoint p1 = /* Some location */;
ParseGeoPoint p2 = /* Some other location */;
double distanceInKm = p1.DistanceTo(p2).Kilometers;

You can also query for ParseObjects within a radius using a ParseGeoDistance. For example, to find all places within 5 miles of a user, you would use the WhereWithinDistance method:

ParseGeoPoint userGeoPoint = ParseUser.CurrentUser.Get<ParseGeoPoint>("location");
ParseQuery<ParseObject> query = ParseObject.GetQuery("PlaceObject")
    .WhereWithinDistance("location", userGeoPoint, ParseGeoDistance.FromMiles(5));
IEnumerable<ParseObject> nearbyLocations = await query.FindAsync();
// nearbyLocations contains PlaceObjects within 5 miles of the user's location

At this point, nearbyLocations will be an array of objects ordered by distance (nearest to farthest) from userGeoPoint. Note that if an additional OrderBy() constraint is applied, it will take precedence over the distance ordering.

Caveats

At the moment there are a couple of things to watch out for:

  1. Each ParseObject class may only have one key with a ParseGeoPoint object.
  2. Using the whereNear constraint will also limit results to within 100 miles.
  3. Points should not equal or exceed the extreme ends of the ranges. Latitude should not be -90.0 or 90.0. Longitude should not be -180.0 or 180.0. Attempting to set latitude or longitude out of bounds will cause an error.
Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Relations

There are three kinds of relationships. One-to-one relationships enable one object to be associated with another object. One-to-many relationships enable one object to have many related objects. Finally, many-to-many relationships enable complex relationships among many objects.

There are four ways to build relationships in Parse:

One-to-Many

When you’re thinking about one-to-many relationships and whether to implement Pointers or Arrays, there are several factors to consider. First, how many objects are involved in this relationship? If the "many" side of the relationship could contain a very large number (greater than 100 or so) of objects, then you have to use Pointers. If the number of objects is small (fewer than 100 or so), then Arrays may be more convenient, especially if you typically need to get all of the related objects (the "many" in the "one-to-many relationship") at the same time as the parent object.

Using Pointers

Let's say we have a game app. The game keeps track of the player's score and achievements every time she chooses to play. In Parse, we can store this data in a single Game object. If the game becomes incredibly successful, each player will store thousands of Game objects in the system. For circumstances like this, where the number of relationships can be arbitrarily large, Pointers are the best option.

Suppose in this game app, we want to make sure that every Game object is associated with a Parse User. We can implement this like so:

ParseObject game = new ParseObject("Game");
game.put("createdBy", ParseUser.getCurrentUser());
PFObject *game= [PFObject objectWithClassName:@"Game"];
[game setObject:[PFUser currentUser] forKey:@"createdBy"];
let game = PFObject(className:"Game")
game["createdBy"] = PFUser.currentUser()
$game = ParseObject::create("Game");
$game->set("createdBy", ParseUser::getCurrentUser());
var game = new ParseObject("Game");
game["createdBy"] = ParseUser.CurrentUser;
var game = new Parse.Object("Game");
game.set("createdBy", Parse.User.current());

We can obtain all of the Game objects created by a Parse User with a query:

ParseQuery<ParseObject> gameQuery = ParseQuery.getQuery("Game");
gameQuery.whereEqualTo("createdBy", ParseUser.getCurrentUser());
PFQuery *gameQuery = [PFQuery queryWithClassName:@"Game"];
[gameQuery whereKey:@"createdBy" equalTo:[PFUser currentUser]];
let gameQuery = PFQuery(className:"Game")
if let user = PFUser.currentUser() {
  gameQuery.whereKey("createdBy", equalTo: user)
}
$gameQuery = new ParseQuery("Game");
$gameQuery->equalTo("createdBy", ParseUser::getCurrentUser());
var query = ParseObject.getQuery("Game").WhereEqualTo("createdBy", ParseUser.CurrentUser);
var query = new Parse.Query("Game");
query.equalTo("createdBy", Parse.User.current());

And, if we want to find the Parse User who created a specific Game, that is a lookup on the createdBy key:

// say we have a Game object
ParseObject game = ...

// getting the user who created the Game
ParseUser createdBy = game.getUser("createdBy");
// say we have a Game object
PFObject *game = ...

// getting the user who created the Game
PFUser *createdBy = [game objectForKey@"createdBy"];
// say we have a Game object
let game = ...

// getting the user who created the Game
let createdBy = game["createdBy"]
// say we have a Game object
$game = ...

// getting the user who created the Game
$user = $game["createdBy"];
// say we have a Game object
ParseObject game = ...

// getting the user who created the Game
ParseUser user = game["createdBy"];
// say we have a Game object
var game = ...

// getting the user who created the Game
var user = game.get("createdBy");

For most scenarios, Pointers will be your best bet for implementing one-to-many relationships.

Using Arrays

Arrays are ideal when we know that the number of objects involved in our one-to-many relationship are going to be small. Arrays will also provide some productivity benefit via the includeKey parameter. Supplying the parameter will enable you to obtain all of the "many" objects in the "one-to-many" relationship at the same time that you obtain the "one" object. However, the response time will be slower if the number of objects involved in the relationship turns out to be large.

Suppose in our game, we enabled players to keep track of all the weapons their character has accumulated as they play, and there can only be a dozen or so weapons. In this example, we know that the number of weapons is not going to be very large. We also want to enable the player to specify the order in which the weapons will appear on screen. Arrays are ideal here because the size of the array is going to be small and because we also want to preserve the order the user has set each time they play the game:

Let's start by creating a column on our Parse User object called weaponsList.

Now let's store some Weapon objects in the weaponsList:

// let's say we have four weapons
ParseObject scimitar = ...
ParseObject plasmaRifle = ...
ParseObject grenade = ...
ParseObject bunnyRabbit = ...

// stick the objects in an array
ArrayList<ParseObject> weapons = new ArrayList<ParseObject>();
weapons.add(scimitar);
weapons.add(plasmaRifle);
weapons.add(grenade);
weapons.add(bunnyRabbit);

// store the weapons for the user
ParseUser.getCurrentUser().put("weaponsList", weapons);
// let's say we have four weapons
PFObject *scimitar = ...
PFObject *plasmaRifle = ...
PFObject *grenade = ...
PFObject *bunnyRabbit = ...

// stick the objects in an array
NSArray *weapons = @[scimitar, plasmaRifle, grenade, bunnyRabbit];

// store the weapons for the user
[[PFUser currentUser] setObject:weapons forKey:@weaponsList"];
// let's say we have four weapons
let scimitar = ...
let plasmaRifle = ...
let grenade = ...
let bunnyRabbit = ...

// stick the objects in an array
let weapons = [scimitar, plasmaRifle, grenade, bunnyRabbit]

// store the weapons for the user
let user = PFUser.currentUser()
user["weaponsList"] = weapons
// let's say we have four weapons
$scimitar = ...
$plasmaRifle = ...
$grenade = ...
$bunnyRabbit = ...

// stick the objects in an array
$weapons = [$scimitar, $plasmaRifle, $grenade, $bunnyRabbit];

// store the weapons for the user
$user = ParseUser::getCurrentUser();
$user->set("weaponsList", weapons);
// no c# example
// no js example

Later, if we want to retrieve the Weapon objects, it's just one line of code:

ArrayList<ParseObject> weapons = ParseUser.getCurrentUser().get("weaponsList");
NSArray *weapons = [[PFUser currentUser] objectForKey:@"weaponsList"];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

Sometimes, we will want to fetch the "many" objects in our one-to-many relationship at the same time as we fetch the "one" object. One trick we could employ is to use the includeKey (or include in Android) parameter whenever we use a Parse Query to also fetch the array of Weapon objects (stored in the weaponsList column) along with the Parse User object:

// set up our query for a User object
ParseQuery<ParseUser> userQuery = ParseUser.getQuery();

// configure any constraints on your query...
// for example, you may want users who are also playing with or against you
// tell the query to fetch all of the Weapon objects along with the user
// get the "many" at the same time that you're getting the "one"
userQuery.include("weaponsList");

// execute the query
userQuery.findInBackground(new FindCallback<ParseUser>() {
  public void done(List<ParseUser> userList, ParseException e) {
    // userList contains all of the User objects, and their associated Weapon objects, too
  }
});
// set up our query for a User object
PFQuery *userQuery = [PFUser query];

// configure any constraints on your query...
// for example, you may want users who are also playing with or against you

// tell the query to fetch all of the Weapon objects along with the user
// get the "many" at the same time that you're getting the "one"
[userQuery includeKey:@"weaponsList"];

// execute the query
[userQuery findObjectsInBackgroundWithBlock:^(NSArray *objects, NSError *error) {
    // objects contains all of the User objects, and their associated Weapon objects, too
}];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

You can also get the "one" side of the one-to-many relationship from the "many" side. For example, if we want to find all Parse User objects who also have a given Weapon, we can write a constraint for our query like this:

// add a constraint to query for whenever a specific Weapon is in an array
userQuery.whereEqualTo("weaponsList", scimitar);

// or query using an array of Weapon objects...
userQuery.whereEqualTo("weaponsList", arrayOfWeapons);
// add a constraint to query for whenever a specific Weapon is in an array
[userQuery whereKey:@"weaponsList" equalTo:scimitar];

// or query using an array of Weapon objects...
[userQuery whereKey:@"weaponsList" containedIn:arrayOfWeapons];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

Many-to-Many

Now let’s tackle many-to-many relationships. Suppose we had a book reading app and we wanted to model Book objects and Author objects. As we know, a given author can write many books, and a given book can have multiple authors. This is a many-to-many relationship scenario where you have to choose between Arrays, Parse Relations, or creating your own Join Table.

The decision point here is whether you want to attach any metadata to the relationship between two entities. If you don’t, Parse Relation or using Arrays are going to be the easiest alternatives. In general, using arrays will lead to higher performance and require fewer queries. If either side of the many-to-many relationship could lead to an array with more than 100 or so objects, then, for the same reason Pointers were better for one-to-many relationships, Parse Relation or Join Tables will be better alternatives.

On the other hand, if you want to attach metadata to the relationship, then create a separate table (the "Join Table") to house both ends of the relationship. Remember, this is information about the relationship, not about the objects on either side of the relationship. Some examples of metadata you may be interested in, which would necessitate a Join Table approach, include:

Using Parse Relations

Using Parse Relations, we can create a relationship between a Book and a few Author objects. In the Data Browser, you can create a column on the Book object of type relation and name it authors.

After that, we can associate a few authors with this book:

// let’s say we have a few objects representing Author objects
ParseObject authorOne =
ParseObject authorTwo =
ParseObject authorThree =

// now we create a book object
ParseObject book = new ParseObject("Book");

// now let’s associate the authors with the book
// remember, we created a "authors" relation on Book
ParseRelation<ParseObject> relation = book.getRelation("authors");
relation.add(authorOne);
relation.add(authorTwo);
relation.add(authorThree);

// now save the book object
book.saveInBackground();
// let’s say we have a few objects representing Author objects
PFObject *authorOne = …
PFObject *authorTwo = …
PFObject *authorThree = …

// now we create a book object
PFObject *book= [PFObject objectWithClassName:@"Book"];

// now let’s associate the authors with the book
// remember, we created a "authors" relation on Book
PFRelation *relation = [book relationForKey:@"authors"];
[relation addObject:authorOne];
[relation addObject:authorTwo];
[relation addObject:authorThree];

// now save the book object
[book saveInBackground];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

To get the list of authors who wrote a book, create a query:

// suppose we have a book object
ParseObject book = ...

// create a relation based on the authors key
ParseRelation relation = book.getRelation("authors");

// generate a query based on that relation
ParseQuery query = relation.getQuery();

// now execute the query
// suppose we have a book object
PFObject *book = ...

// create a relation based on the authors key
PFRelation *relation = [book relationForKey:@"authors"];

// generate a query based on that relation
PFQuery *query = [relation query];

// now execute the query
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

Perhaps you even want to get a list of all the books to which an author contributed. You can create a slightly different kind of query to get the inverse of the relationship:

// suppose we have a author object, for which we want to get all books
ParseObject author = ...

// first we will create a query on the Book object
ParseQuery<ParseObject> query = ParseQuery.getQuery("Book");

// now we will query the authors relation to see if the author object we have
// is contained therein
query.whereEqualTo("authors", author);
// suppose we have a author object, for which we want to get all books
PFObject *author = ...

// first we will create a query on the Book object
PFQuery *query = [PFQuery queryWithClassName:@"Book"];

// now we will query the authors relation to see if the author object
// we have is contained therein
[query whereKey:@"authors" equalTo:author];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

Using Join Tables

There may be certain cases where we want to know more about a relationship. For example, suppose we were modeling a following/follower relationship between users: a given user can follow another user, much as they would in popular social networks. In our app, we not only want to know if User A is following User B, but we also want to know when User A started following User B. This information could not be contained in a Parse Relation. In order to keep track of this data, you must create a separate table in which the relationship is tracked. This table, which we will call Follow, would have a from column and a to column, each with a pointer to a Parse User. Alongside the relationship, you can also add a column with a Date object named date.

Now, when you want to save the following relationship between two users, create a row in the Follow table, filling in the from, to, and date keys appropriately:

// suppose we have a user we want to follow
ParseUser otherUser = ...

// create an entry in the Follow table
ParseObject follow = new ParseObject("Follow");
follow.put("from", ParseUser.getCurrentUser());
follow.put("to", otherUser);
follow.put("date", Date());
follow.saveInBackground();
// suppose we have a user we want to follow
PFUser *otherUser = ...

// create an entry in the Follow table
PFObject *follow = [PFObject objectWithClassName:@"Follow"];
[follow setObject:[PFUser currentUser]  forKey:@"from"];
[follow setObject:otherUser forKey:@"to"];
[follow setObject:[NSDate date] forKey@"date"];
[follow saveInBackground];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

If we want to find all of the people we are following, we can execute a query on the Follow table:

// set up the query on the Follow table
ParseQuery<ParseObject> query = ParseQuery.getQuery("Follow");
query.whereEqualTo("from", ParseUser.getCurrentUser());

// execute the query
query.findInBackground(newFindCallback<ParseObject>() {
    public void done(List<ParseObject> followList, ParseException e) {

    }
});
// set up the query on the Follow table
PFQuery *query = [PFQuery queryWithClassName:@"Follow"];
[query whereKey:@"from" equalTo:[PFUser currentUser]];

// execute the query
[query findObjectsInBackgroundWithBlock:^(NSArray *objects, NSError *error) {
  for(PFObject *o in objects) {
    // o is an entry in the Follow table
    // to get the user, we get the object with the to key
    PFUser *otherUser = [o objectForKey@"to"];

    // to get the time when we followed this user, get the date key
    PFObject *when = [o objectForKey@"date"];
  }
}];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

It’s also pretty easy to find all the users that are following the current user by querying on the to key:

// set up the query on the Follow table
ParseQuery<ParseObject> query = ParseQuery.getQuery("Follow");
query.whereEqualTo("to", ParseUser.getCurrentUser());

// execute the query
query.findInBackground(newFindCallback<ParseObject>() {
    public void done(List<ParseObject> followList, ParseException e) {

    }
});
// set up the query on the Follow table
PFQuery *query = [PFQuery queryWithClassName:@"Follow"];
[query whereKey:@"to" equalTo:[PFUser currentUser]];

[query findObjectsInBackgroundWithBlock:^(NSArray *objects, NSError *error) {
  for(PFObject *o in objects) {
     // o is an entry in the Follow table
     // to get the user, we get the object with the from key
    PFUser *otherUser = [o objectForKey@"from"];

    // to get the time the user was followed, get the date key
    PFObject *when = [o objectForKey@"date"];
  }
}];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

Using an Array

Arrays are used in Many-to-Many relationships in much the same way that they are for One-to-Many relationships. All objects on one side of the relationship will have an Array column containing several objects on the other side of the relationship.

Suppose we have a book reading app with Book and Author objects. The Book object will contain an Array of Author objects (with a key named authors). Arrays are a great fit for this scenario because it's highly unlikely that a book will have more than 100 or so authors. We will put the Array in the Book object for this reason. After all, an author could write more than 100 books.

Here is how we save a relationship between a Book and an Author.

// let's say we have an author
ParseObject author = ...

// and let's also say we have an book
ParseObject book = ...

// add the author to the authors list for the book
book.put("authors", author);
// let's say we have an author
PFObject *author = ...

// and let's also say we have an book
PFObject *book = ...

// add the author to the authors list for the book
[book addObject:author forKey:@"authors"];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

Because the author list is an Array, you should use the includeKey (or include on Android) parameter when fetching a Book so that Parse returns all the authors when it also returns the book:

// set up our query for the Book object
ParseQuery bookQuery = ParseQuery.getQuery("Book");

// configure any constraints on your query...
// tell the query to fetch all of the Author objects along with the Book
bookQuery.include("authors");

// execute the query
bookQuery.findInBackground(newFindCallback<ParseObject>() {
    public void done(List<ParseObject> bookList, ParseException e) {
    }
});
// set up our query for the Book object
PFQuery *bookQuery = [PFQuery queryWithClassName:@"Book"];

// configure any constraints on your query...
// tell the query to fetch all of the Author objects along with the Book
[bookQuery includeKey:@"authors"];

// execute the query
[bookQuery findObjectsInBackgroundWithBlock:^(NSArray *objects, NSError *error) {
    // objects is all of the Book objects, and their associated
    // Author objects, too
}];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

At that point, getting all the Author objects in a given Book is a pretty straightforward call:

ArrayList<ParseObject> authorList = book.getList("authors");
NSArray *authorList = [book objectForKey@"authors"];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

Finally, suppose you have an Author and you want to find all the Book objects in which she appears. This is also a pretty straightforward query with an associated constraint:

// set up our query for the Book object
ParseQuery bookQuery = ParseQuery.getQuery("Book");

// configure any constraints on your query...
booKQuery.whereEqualTo("authors", author);

// tell the query to fetch all of the Author objects along with the Book
bookQuery.include("authors");

// execute the query
bookQuery.findInBackground(newFindCallback<ParseObject>() {
    public void done(List<ParseObject> bookList, ParseException e) {

    }
});
// suppose we have an Author object
PFObject *author = ...

// set up our query for the Book object
PFQuery *bookQuery = [PFQuery queryWithClassName:@"Book"];

// configure any constraints on your query...
[bookQuery whereKey:@"authors" equalTo:author];

// tell the query to fetch all of the Author objects along with the Book
[bookQuery includeKey:@"authors"];

// execute the query
[bookQuery findObjectsInBackgroundWithBlock:^(NSArray *objects, NSError *error) {
    // objects is all of the Book objects, and their associated Author objects, too
}];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21
// no php example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no c# example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs
// no js example
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs

One-to-One

In Parse, a one-to-one relationship is great for situations where you need to split one object into two objects. These situations should be rare, but two examples include:

Thank you for reading this far. We apologize for the complexity. Modeling relationships in data is a hard subject, in general. But look on the bright side: it's still easier than relationships with people.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Handling Errors

Parse has a few simple patterns for surfacing errors and handling them in your code.

There are two types of errors you may encounter. The first is those dealing with logic errors in the way you're using the SDK. These types of errors result in general Exception being raised. For an example take a look at the following code:

var user = new ParseUser();
await user.SignUpAsync();

This will throw an InvalidOperationException because SignUpAsync was called without first setting the required properties (Username and Password).

The second type of error is one that occurs when interacting with the Parse Cloud over the network. These errors are either related to problems connecting to the cloud or problems performing the requested operation. Let's take a look at another example:

await ParseObject.GetQuery("Note").GetAsync("thisObjectIdDoesntExist");

In the above code, we try to fetch an object with a non-existent ObjectId. The Parse Cloud will return an error -- so here's how to handle it properly:

try
{
    await ParseObject.GetQuery("Note").GetAsync(someObjectId);
    // Everything went fine!
}
catch (ParseException e)
{
    if (e.Code == ParseException.ErrorCode.ObjectNotFound)
    {
        // Uh oh, we couldn't find the object!
    }
    else
    {
        // Some other error occurred
    }
}

By default, all connections have a timeout of 10 seconds, so tasks will not hang indefinitely.

For a list of all possible ErrorCode types, scroll down to Error Codes, or see the ParseException.ErrorCode section of the .NET API.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Data

Valid Data Types

We've designed the Parse SDKs so that you typically don't need to worry about how data is saved while using the client SDKs. Simply add data to the ParseObject, and it'll be saved correctly.

Nevertheless, there are some cases where it's useful to be aware of how data is stored on the Parse platform.

Internally, Parse stores data as JSON, so any datatype that can be converted to JSON can be stored on Parse. The framework can also handle Date and File types. Overall, the following types are allowed for each field in your object:

The type Object simply denotes that each value can be composed of nested objects that are JSON-encodable. Keys including the characters $ or ., along with the key __type key, are reserved for the framework to handle additional types, so don't use those yourself.

We do not recommend storing large pieces of binary data like images or documents in a ParseObject. ParseObjects should not exceed 128 kilobytes in size. We recommend you use Files to store images, documents, and other types of files. You can do so by instantiating a %{ParseFile} object and setting it on a field.

Data Type Lock-in

When a class is initially created, it doesn't have an inherent schema defined. This means that for the first object, it could have any types of fields you want.

However, after a field has been set at least once, that field is locked into the particular type that was saved. For example, if a ParseUser object is saved with field name of type String, that field will be restricted to the String type only (our SDK will return an error if you try to save anything else).

One special case is that any field can be set to null, no matter what type it is.

The Data Browser

The Data Browser is the web UI where you can update and create objects in each of your apps. Here, you can see the raw JSON values that are saved that represents each object in your class.

When using the interface, keep in mind the following:

The Data Browser is also a great place to test the Cloud Code validations contained in your Cloud Code functions (such as beforeSave). These are run whenever a value is changed or object is deleted from the Data Browser, just as they would be if the value was changed or deleted from your client code.

Importing Data

You may import data into your Parse app by using CSV or JSON files. To create a new class with data from a CSV or JSON file, go to the Data Browser and click the "Import" button on the left hand column.

The JSON format is an array of objects in our REST format or a JSON object with a results that contains an array of objects. It must adhere to the JSON standard. A file containing regular objects could look like:

{ "results": [
  {
    "score": 1337,
    "playerName": "Sean Plott",
    "cheatMode": false,
    "createdAt": "2012-07-11T20:56:12.347Z",
    "updatedAt": "2012-07-11T20:56:12.347Z",
    "objectId": "fchpZwSuGG"
  }]
}

Objects in either format should contain keys and values that also satisfy the following:

Normally, when objects are saved to Parse, they are automatically assigned a unique identifier through the objectId field, as well as a createdAt field and updatedAt field which represent the time that the object was created and last modified in the Parse Cloud. These fields can be manually set when data is imported from a JSON file. Please keep in mind the following:

In addition to the exposed fields, objects in the Parse User class can also have the bcryptPassword field set. The value of this field is a String that is the bcrypt hashed password + salt in the modular crypt format described in this StackOverflow answer. Most OpenSSL based bcrypt implementations should have built-in methods to produce these strings.

A file containing a ParseUser object could look like:

{ "results":
  [{
    "username": "cooldude",
    "createdAt": "1983-09-13T22:42:30.548Z",
    "updatedAt": "2015-09-04T10:12:42.137Z",
    "objectId": "ttttSEpfXm",
    "sessionToken": "dfwfq3dh0zwe5y2sqv514p4ib",
    "bcryptPassword": "$2a$10$ICV5UeEf3lICfnE9W9pN9.O9Ved/ozNo7G83Qbdk5rmyvY8l16MIK"
  }]
}

Note that in CSV the import field types are limited to String, Boolean, and Number.

Exporting your Data

You can request an export of your data at any time from your app's Settings page. The data export runs at a lower priority than production queries, so if your app is still serving queries, production traffic will always be given a higher priority, which may slow down the delivery of your data export.

Export Formats

Each collection will be exported in the same JSON format used by our REST API and delivered in a single zipped file. Since data is stored internally as JSON, this allows us to ensure that the export closely matches how the data is saved to Parse. Other formats such as CSV cannot represent all of the data types supported by Parse without losing information. If you'd like to work with your data in CSV format, you can use any of the JSON-to-CSV converters available widely on the web.

Offline Analysis

For offline analysis of your data, we highly recommend using alternate ways to access your data that do not require extracting the entire collection at once. For example, you can try exporting only the data that has changed since your last export. Here are some ways of achieving this:

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Security

As your app development progresses, you will want to use Parse's security features in order to safeguard data. This document explains the ways in which you can secure your apps.

If your app is compromised, it's not only you as the developer who suffers, but potentially the users of your app as well. Continue reading for our suggestions for sensible defaults and precautions to take before releasing your app into the wild.

Client vs. Server

When an app first connects to Parse, it identifies itself with an Application ID and a Client key (or REST Key, or .NET Key, or JavaScript Key, depending on which platform you're using). These are not secret and by themselves they do not secure an app. These keys are shipped as a part of your app, and anyone can decompile your app or proxy network traffic from their device to find your client key. This exploit is even easier with JavaScript — one can simply "view source" in the browser and immediately find your client key.

This is why Parse has many other security features to help you secure your data. The client key is given out to your users, so anything that can be done with just the client key is doable by the general public, even malicious hackers.

The master key, on the other hand, is definitely a security mechanism. Using the master key allows you to bypass all of your app's security mechanisms, such as class-level permissions and ACLs. Having the master key is like having root access to your app's servers, and you should guard your master key with the same zeal with which you would guard your production machines' root password.

The overall philosophy is to limit the power of your clients (using client keys), and to perform any sensitive actions requiring the master key in Cloud Code. You'll learn how to best wield this power in the section titled Implementing Business Logic in Cloud Code.

A final note: All connections are made with HTTPS and SSL, and Parse will reject all non-HTTPS connections. As a result, you don't need to worry about man-in-the-middle attacks.

Class-Level Permissions

The second level of security is at the schema and data level. Enforcing security measures at this level will restrict how and when client applications can access and create data on Parse. When you first begin developing your Parse application, all of the defaults are set so that you can be a more productive developer. For example:

You can configure any of these permissions to apply to everyone, no one, or to specific users or roles in your app. Roles are groups that contain users or other roles, which you can assign to an object to restrict its use. Any permission granted to a role is also granted to any of its children, whether they are users or other roles, enabling you to create an access hierarchy for your apps. Each of the Parse guides includes a detailed description of employing Roles in your apps.

Once you are confident that you have the right classes and relationships between classes in your app, you should begin to lock it down by doing the following:

Almost every class that you create should have these permissions tweaked to some degree. For classes where every object has the same permissions, class-level settings will be most effective. For example, one common use case entails having a class of static data that can be read by anyone but written by no one.

Restricting class creation

As a start, you can configure your application so that clients cannot create new classes on Parse. This is done from the Settings tab on the Data Browser. Scroll down to the App Permissions section and turn off Allow client class creation. Once enabled, classes may only be created from the Data Browser. This will prevent attackers from filling your database with unlimited, arbitrary new classes.

Configuring CLPs

Parse lets you specify what operations are allowed per class. This lets you restrict the ways in which clients can access or modify your classes. To change these settings, go to the Data Browser, select a class, open the "More" dropdown, and click the "Set permissions" item.

You can configure the client's ability to perform each of the following operations for the selected class:

For each of the above actions, you can grant permission to all users (which is the default), or lock permissions down to a list of roles and users. For example, a class that should be available to all users would be set to read-only by only enabling get and find. A logging class could be set to write-only by only allowing creates. You could enable moderation of user-generated content by providing update and delete access to a particular set of users or roles.

Object-Level Access Control

Once you've locked down your schema and class-level permissions, it's time to think about how data is accessed by your users. Object-level access control enables one user's data to be kept separate from another's, because sometimes different objects in a class need to be accessible by different people. For example, a user’s private personal data should be accessible only to them.

Parse also supports the notion of anonymous users for those apps that want to store and protect user-specific data without requiring explicit login.

When a user logs into an app, they initiate a session with Parse. Through this session they can add and modify their own data but are prevented from modifying other users' data.

Access Control Lists

The easiest way to control who can access which data is through access control lists, commonly known as ACLs. The idea behind an ACL is that each object has a list of users and roles along with what permissions that user or role has. A user needs read permissions (or must belong to a role that has read permissions) in order to retrieve an object's data, and a user needs write permissions (or must belong to a role that has write permissions) in order to update or delete that object.

Once you have a User, you can start using ACLs. Remember: Users can be created through traditional username/password signup, through a third-party login system like Facebook or Twitter, or even by using Parse's automatic anonymous users functionality. To set an ACL on the current user's data to not be publicly readable, all you have to do is:

PFUser *user = [PFUser currentUser];
user.ACL = [PFACL ACLWithUser:user];
if let user = PFUser.currentUser() {
    user.ACL = PFACL(user: user)
}
ParseUser user = ParseUser.getCurrentUser();
user.setACL(new ParseACL(user));
var user = Parse.User.current();
user.setACL(new Parse.ACL(user));
// no c# example
// no php example

Most apps should do this. If you store any sensitive user data, such as email addresses or phone numbers, you need to set an ACL like this so that the user's private information isn't visible to other users. If an object doesn't have an ACL, it's readable and writeable by everyone. The only exception is the _User class. We never allow users to write each other's data, but they can read it by default. (If you as the developer need to update other _User objects, remember that your master key can provide the power to do this.)

To make it super easy to create user-private ACLs for every object, we have a way to set a default ACL that will be used for every new object you create:

[PFACL setDefaultACL:[PFACL ACL] withAccessForCurrentUser:YES];
PFACL.setDefaultACL(PFACL(), withAccessForCurrentUser: true)
ParseACL.setDefaultACL(new ParseACL(), true);
// no js example
// no c# example
// no php example

If you want the user to have some data that is public and some that is private, it's best to have two separate objects. You can add a pointer to the private data from the public one.

PFObject *privateData = [PFObject objectWithClassName:@"PrivateUserData"];
privateData.ACL = [PFACL ACLWithUser:[PFUser currentUser]];
[privateData setObject:@"555-5309" forKey:@"phoneNumber"];

[[PFUser currentUser] setObject:privateData forKey:@"privateData"];
if let currentUser = PFUser.currentUser() {
    let privateData = PFObject(className: "PrivateUserData")
    privateData.ACL = PFACL(user: currentUser)
    privateData.setObject("555-5309", forKey: "phoneNumber")
    currentUser.setObject(privateData, forKey: "privateData")
}
ParseObject privateData = new ParseObject("PrivateUserData");
privateData.setACL(new ParseACL(ParseUser.getCurrentUser()));
privateData.put("phoneNumber", "555-5309");

ParseUser.getCurrentUser().put("privateData", privateData);
var privateData = Parse.Object.extend("PrivateUserData");
privateData.setACL(new Parse.ACL(Parse.User.current()));
privateData.set("phoneNumber", "555-5309");

Parse.User.current().set("privateData", privateData);
// no c# example
// no php example

Of course, you can set different read and write permissions on an object. For example, this is how you would create an ACL for a public post by a user, where anyone can read it:

PFACL *acl = [PFACL ACL];
[acl setPublicReadAccess:true];
[acl setWriteAccess:true forUser:[PFUser currentUser]];
let acl = PFACL()
acl.setPublicReadAccess(true)
if let currentUser = PFUser.currentUser() {
    acl.setWriteAccess(true, forUser: currentUser)
}
ParseACL acl = new ParseACL();
acl.setPublicReadAccess(true);
acl.setWriteAccess(ParseUser.getCurrentUser(), true);
var acl = new Parse.ACL();
acl.setPublicReadAccess(true);
acl.setWriteAccess(Parse.User.current().id, true);
// no c# example
// no php example

Sometimes it's inconvenient to manage permissions on a per-user basis, and you want to have groups of users who get treated the same (like a set of admins with special powers). Roles are are a special kind of object that let you create a group of users that can all be assigned to the ACL. The best thing about roles is that you can add and remove users from a role without having to update every single object that is restricted to that role. To create an object that is writeable only by admins:

// Assuming you've already created a role called "admins"...
PFACL *acl = [PFACL ACL];
[acl setPublicReadAccess:true];
[acl setWriteAccess:true forRoleWithName:@"admins"];
let acl = PFACL()
acl.setPublicReadAccess(true)
acl.setWriteAccess(true, forRoleWithName: "admins")
// Assuming you've already created a role called "admins"...
ParseACL acl = new ParseACL();
acl.setPublicReadAccess(true);
acl.setRoleWriteAccess("admins", true);
var acl = new Parse.ACL();
acl.setPublicReadAccess(true);
acl.setRoleWriteAccess("admins", true);
// no c# example
// no php example

Of course, this snippet assumes you've already created a role named "admins". This is often reasonable when you have a small set of special roles set up while developing your app. Roles can also be created and updated on the fly — for example, adding new friends to a "friendOf_" role after each connection is made.

All this is just the beginning. Applications can enforce all sorts of complex access patterns through ACLs and class-level permissions. For example:

For the curious, here's the format for an ACL that restricts read and write permissions to the owner (whose objectId is identified by "aSaMpLeUsErId") and enables other users to read the object:

{ 
    "*": { "read":true }, 
    "aSaMpLeUsErId": { "read" :true, "write": true } 
}

And here's another example of the format of an ACL that uses a Role:

{ 
    "role:RoleName": { "read": true }, 
    "aSaMpLeUsErId": { "read": true, "write": true } 
}

Data Integrity in Cloud Code

For most apps, care around keys, class-level permissions, and object-level ACLs are all you need to keep your app and your users' data safe. Sometimes, though, you'll run into an edge case where they aren't quite enough. For everything else, there's Cloud Code.

Cloud Code allows you to upload JavaScript to Parse's servers, where we will run it for you. Unlike client code running on users' devices that may have been tampered with, Cloud Code is guaranteed to be the code that you've written, so it can be trusted with more responsibility.

One particularly common use case for Cloud Code is preventing invalid data from being stored. For this sort of situation, it's particularly important that a malicious client not be able to bypass the validation logic.

To create validation functions, Cloud Code allows you to implement a beforeSave trigger for your class. These triggers are run whenever an object is saved, and allow you to modify the object or completely reject a save. For example, this is how you create a Cloud Code beforeSave trigger to make sure every user has an email address set:

Parse.Cloud.beforeSave(Parse.User, function(request, response) {
  var user = request.object;
  if (!user.get("email")) { 
    response.error("Every user must have an email address.");
  } else { 
    response.success();
  }
});

Our Cloud Code guide provides instructions on how to upload this trigger to our servers.

Validations can lock down your app so that only certain values are acceptable. You can also use afterSave validations to normalize your data (e.g. formatting all phone numbers or currency identically). You get to retain most of the productivity benefits of accessing Parse data directly from your client applications, but you can also enforce certain invariants for your data on the fly.

Common scenarios that warrant validation include:

Implementing Business Logic in Cloud Code

While validation often makes sense in Cloud Code, there are likely certain actions that are particularly sensitive, and should be as carefully guarded as possible. In these cases, you can remove permissions or the logic from clients entirely and instead funnel all such operations to Cloud Code functions.

When a Cloud Code function is called, it can invoke the useMasterKey function to gain the ability to modify user data. With the master key, your Cloud Code function can override any ACLs and write data. This means that it'll bypass all the security mechanisms you've put in place in the previous sections.

Say you want to allow a user to "like" a Post object without giving them full write permissions on the object. You can do this by having the client call a Cloud Code function instead of modifying the Post itself:

The master key should be used carefully. When invoked, the master key is in effect for the duration of the Cloud Code function in which it is called:

Parse.Cloud.define("like", function(request, response) {
  Parse.Cloud.useMasterKey();
  // Everything after this point will bypass ACLs and other security
  // even if I do things besides just updating a Post object.
});

A more prudent way to use the master key would be to pass it as a parameter on a per-function basis. For example, instead of the above, set useMasterKey to true in each individual API function:

Parse.Cloud.define("like", function(request, response) {
  var post = new Parse.Object("Post");
  post.id = request.params.postId;
  post.increment("likes");
  post.save(null, { useMasterKey: true }).then(function() { 
    // If I choose to do something else here, it won't be using 
    // the master key and I'll be subject to ordinary security measures. 
    response.success();
  }, function(error) { 
    response.error(error);
  });
});

One very common use case for Cloud Code is sending push notifications to particular users. In general, clients can't be trusted to send push notifications directly, because they could modify the alert text, or push to people they shouldn't be able to. Your app's settings will allow you to set whether "client push" is enabled or not; we recommend that you make sure it's disabled. Instead, you should write Cloud Code functions that validate the data to be pushed and sender before sending a push.

Parse Security Summary

Parse provides a number of ways for you to secure data in your app. As you build your app and evaluate the kinds of data you will be storing, you can make the decision about which implementation to choose.

It is worth repeating that that the Parse User object is readable by all other users by default. You will want to set the ACL on your User object accordingly if you wish to prevent data contained in the User object (for example, the user's email address) from being visible by other users.

Most classes in your app will fall into one of a couple of easy-to-secure categories. For fully public data, you can use class-level permissions to lock down the table to put publicly readable and writeable by no one. For fully private data, you can use ACLs to make sure that only the user who owns the data can read it. But occasionally, you'll run into situations where you don't want data that’s fully public or fully private. For example, you may have a social app, where you have data for a user that should be readable only to friends whom they’ve approved. For this you'll need to a combination of the techniques discussed in this guide to enable exactly the sharing rules you desire.

We hope that you'll use these tools to do everything you can to keep your app's data and your users' data secure. Together, we can make the web a safer place.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Push Notifications

Push Notifications are a great way to keep your users engaged and informed about your app. You can reach your entire user base quickly and effectively. This guide will help you through the setup process and the general usage of Parse to send push notifications.

If you haven't installed the SDK yet, please head over to the Push QuickStart to get our SDK up and running.

The .NET SDK can send push notifications from all runtimes, but only Windows 8, Windows Phone 8, and Xamarin apps can receive pushes from the push servers.

Setting Up Push

Currently .NET SDK can receive push on Windows 8, Windows Phone 8, Xamarin iOS and Xamarin Android.

Push on Windows 8

If you want to start using push on Windows 8, start by completing the Windows 8 Push tutorial to learn how to configure your app. Come back to this guide afterwards to learn more about the push features offered by Parse.

Push on Windows Phone 8

Windows Phone 8 supports authenticated and unauthenticated push notifications. Authenticated push notifications are not supported at this time. In the meantime, enjoy toast push notifications without any required setup. Some things you need to keep in mind:

Push on Xamarin iOS

If you want to start using push on Xamarin iOS, start by completing the iOS Push tutorial to learn how to configure your push certificate.

Push on Xamarin Android

If you want to start using push on Unity Android, start by completing Android Push tutorial to learn how to configure your app.

Installations

Every Parse application installed on a device registered for push notifications has an associated Installation object. The Installation object is where you store all the data needed to target push notifications. For example, in a baseball app, you could store the teams a user is interested in to send updates about their performance. Saving the Installation object is also required for tracking push-related app open events.

On .NET, Installation objects are available through the ParseInstallation class, a subclass of ParseObject. It uses the same API for storing and retrieving data. To access the current Installation object from your .NET app, use the ParseInstallation.CurrentInstallation property.

While it is possible to modify a ParseInstallation just like you would a ParseObject, there are several special fields that help manage and target devices.

Sending Pushes

There are two ways to send push notifications using Parse: channels and advanced targeting. Channels offer a simple and easy to use model for sending pushes, while advanced targeting offers a more powerful and flexible model. Both are fully compatible with each other and will be covered in this section.

Sending notifications is often done from the Parse.com push console, the REST API or from Cloud Code. However, push notifications can also be triggered by the existing client SDKs. If you decide to send notifications from the client SDKs, you will need to set Client Push Enabled in the Push Notifications settings of your Parse app.

However, be sure you understand that enabling Client Push can lead to a security vulnerability in your app, as outlined on our blog. We recommend that you enable Client Push for testing purposes only, and move your push notification logic into Cloud Code when your app is ready to go into production.

You can view your past push notifications on the Parse.com push console for up to 30 days after creating your push. For pushes scheduled in the future, you can delete the push on the push console as long as no sends have happened yet. After you send the push, the push console shows push analytics graphs.

Using Channels

The simplest way to start sending notifications is using channels. This allows you to use a publisher-subscriber model for sending pushes. Devices start by subscribing to one or more channels, and notifications can later be sent to these subscribers. The channels subscribed to by a given Installation are stored in the channels field of the Installation object.

Subscribing to Channels

A channel is identified by a string that starts with a letter and consists of alphanumeric characters, underscores, and dashes. It doesn't need to be explicitly created before it can be used and each Installation can subscribe to any number of channels at a time.

An installation's channels can be set using the Channels property of ParseInstallation. For example, in a baseball socre app, we could do:

// When users indicate they are Giants fans, we subscribe them to that channel.
var installation = ParseInstallation.CurrentInstallation;
installation.Channels = new List<string> { "Giants" };
await installation.SaveAsync();

Alternatively, you can insert a channel into Channels without affecting the existing channels using the AddUniqueToList method of ParseObject using the following:

var installation = ParseInstallation.CurrentInstallation;
installation.AddUniqueToList("channels", "Giants");
await installation.SaveAsync();

Finally, ParsePush provides a shorthand for inserting a channel into Channels and saving:

await ParsePush.SubscribeAsync("Giants");

Once subscribed to the "Giants" channel, your Installation object should have an updated channels field.

Unsubscribing from a channel is just as easy:

var installation = ParseInstallation.CurrentInstallation;
installation.RemoveAllFromList("channels" new List<string> { "Giants" });
await installation.SaveAsync();

Or, using ParsePush:

    ParsePush.UnsubscribeAsync("Giants");

The set of subscribed channels is cached in the CurrentInstallation object:

var installation = ParseInstallation.CurrentInstallation
IEnumerable<string> subscribedChannels = installation.Channels;

If you plan on changing your channels from Cloud Code or the data browser, note that you'll need to call FetchAsync prior to this line in order to get the most recent channels.

Sending Pushes to Channels

In the .NET SDK, the following code can be used to alert all subscribers of the "Giants" channel that their favorite team just scored. This will display a toast notification to Windows users. iOS users will receive a notification in the notification center and Android users will receive a notification in the system tray.

// Send a notification to all devices subscribed to the "Giants" channel.
var push = new ParsePush();
push.Channels = new List<string> {"Giants"};
push.Alert = "The Giants just scored!";
await push.SendAsync();

If you want to target multiple channels with a single push notification, you can use any IEnumerable<string> of channels.

Using Advanced Targeting

While channels are great for many applications, sometimes you need more precision when targeting the recipients of your pushes. Parse allows you to write a query for any subset of your Installation objects using the querying API and to send them a push.

Since ParseInstallation is a subclass of ParseObject, you can save any data you want and even create relationships between Installation objects and your other objects. This allows you to send pushes to a very customized and dynamic segment of your user base.

Saving Installation Data

Storing data on an Installation object is just as easy as storing any other data on Parse. In our Baseball app, we could allow users to get pushes about game results, scores and injury reports.

// Store the category of push notifications the user would like to receive.
var installation = ParseInstallation.CurrentInstallation;
installation["scores"] = true;
installation["gameResults"] = true;
installation["injuryReports"] = true;
await installation.SaveAsync();

You can even create relationships between your Installation objects and other classes saved on Parse. To associate an Installation with a particular user, for example, you can simply store the current user on the ParseInstallation.

// Associate the device with a user
var installation = ParseInstallation.CurrentInstallation;
installation["user"] = ParseUser.CurrentUser;
await installation.SaveAsync();

Sending Pushes to Queries

Once you have your data stored on your Installation objects, you can use a ParseQuery to target a subset of these devices. Installation queries work just like any other Parse query, but we use the special static property ParseInstallation.Query to create it. We set this query on our ParsePush object, before sending the notification.

var push = new ParsePush();
push.Query = from installation in ParseInstallation.Query
             where installation.Get<bool>("injuryReports") == true
             select installation;
push.Alert = "Willie Hayes injured by own pop fly.";
await push.SendAsync();

We can even use channels with our query. To send a push to all subscribers of the "Giants" channel but filtered by those who want score update, we can do the following:

var push = new ParsePush();
push.Query = from installation in ParseInstallation.Query
             where installation.Get<bool>("scores") == true
             select installation;
push.Channels = new List<string> { "Giants" };
push.Alert = "Giants scored against the A's! It's now 2-2.";
await push.SendAsync();

Alternatively, we can use a query that constrains "channels" directly:

var push = new Parse.Push();
push.Query = from installation in ParseInstallation.Query
             where installation.Get<bool>("scores") == true
             where installation.Channels.Contains("Giants")
             select installation;
push.Alert = "Giants scored against the A's! It's now 2-2.";
await push.SendAsync();

If we store relationships to other objects in our Installation class, we can also use those in our query. For example, we could send a push notification to all users near a given location like this.

// Find users in the Seattle metro area
var userQuery = ParseUser.Query.WhereWithinDistance(
    "location",
    marinersStadium,
    ParseGeoDistance.FromMiles(1));
var push= new ParsePush();
push.Query = from installation in ParseInstallation.Query
             join user in userQuery on installation["user"] equals user
             select installation;
push.Alert = "Mariners lost? Free conciliatory hotdogs at the Parse concession stand!";
await push.SendAsync();

Sending Options

Push notifications can do more than just send a message. On Xamarin, Windows, Windows Phone 8, pushes can also include a title, as well as any custom data you wish to send. An expiration date can also be set for the notification in case it is time sensitive.

Customizing your Notifications

If you want to send more than just a message, you will need to use an IDictionary<string, object> to package all of the data. There are some reserved fields that have a special meaning.

For example, to send a notification that contains a title, you can do the following:

var push = new ParsePush();
push.Channels = new List<string> {"Mets"};
push.Data = new Dictionary<string, object> {
  {"title", "Score Alert"}
  {"alert", "The Mets scored! The game is now tied 1-1!"},
};
await push.SendAsync();

Setting an Expiration Date

When a user's device is turned off or not connected to the internet, push notifications cannot be delivered. If you have a time sensitive notification that is not worth delivering late, you can set an expiration date. This avoids needlessly alerting users of information that may no longer be relevant.

There are two properties provided by the ParsePush class to allow setting an expiration date for your notification. The first is Expiration which simply takes a DateTime? specifying when Parse should stop trying to send the notification.

var push = new ParsePush();
push.Expiration = new DateTime(2015, 8, 14);
push.Alert = "Season tickets on sale until August 14th!";
await push.SendAsync();

There is however a caveat with this method. Since device clocks are not guaranteed to be accurate, you may end up with inaccurate results. For this reason, the ParsePush class also provides the ExpirationInterval property which accepts a TimeSpan. The notification will expire after the specified interval has elapsed.

var push = new ParsePush();
push.ExpirationInterval = TimeSpan.FromDays(7);
push.Alert = "Season tickets on sale until next week!";
await push.SendAsync();

Targeting by Platform

If you build a cross platform app, it is possible you may only want to target one operating system. There are two methods provided to filter which of these devices are targeted. Note that all platforms are targeted by default.

The following example would send a different notification to Android, iOS, and Windows users.

// Notification for Android users
var androidPush = new ParsePush();
androidPush.Alert = "Your suitcase has been filled with tiny robots!";
androidPush.Query = from installation in ParseInstallation.Query
                    where installation.Channels.Contains("suitcaseOwners")
                    where installation.DeviceType == "android"
                    select installation;
await androidPush.SendAsync();

// Notification for iOS users
var iosPush = new ParsePush();
iosPush.Alert = "Your suitcase has been filled with tiny apples!";
iosPush.Query = from installation in ParseInstallation.Query
                where installation.Channels.Contains("suitcaseOwners")
                where installation.DeviceType == "ios"
                select installation;
await iosPush.SendAsync();

// Notification for Windows 8 users
var winPush = new ParsePush();
winPush.Alert = "Your suitcase has been filled with tiny glass!";
winPush.Query = from installation in ParseInstallation.Query
                where installation.Channels.Contains("suitcaseOwners")
                where installation.DeviceType == "winrt"
                select installation;
await winPush.SendAsync();

// Notification for Windows Phone 8 users
var wpPush = new ParsePush();
wpPush.Alert = "Your suitcase is very hip; very metro.";
wpPush.Query = from installation in ParseInstallation.Query
               where installation.Channels.Contains("suitcaseOwners")
               where installation.DeviceType == "winphone"
               select installation;
await wpPush.SendAsync();

Scheduling Pushes

Sending scheduled push notifications is not currently supported by the .NET SDK. Take a look at the REST API, JavaScript SDK or the Parse.com push console.

Receiving Pushes

Responding to the Payload

If your app is running while a push notification is received, the ParsePush.ParsePushNotificationReceived event is fired. You can register for this event. This event provides ParsePushNotificationEventArgs. When Parse sends a toast notification, it embeds the JSON payload in the notification.

ParsePush.ParsePushNotificationReceived += (sender, args) => {
  var payload = args.Payload;
  object objectId;
  if (payload.TryGetValue("objectId", out objectId)) {
    DisplayRichMessageWithObjectId(objectId as string);
  }
};

In Xamarin iOS, you need to call ParsePush.HandlePush inside AppDelegate.ReceivedRemoteNotification

public override void ReceivedRemoteNotification(UIApplication application, NSDictionary userInfo) {
  base.ReceivedRemoteNotification(application, userInfo);

  // We need this to fire userInfo into ParsePushNotificationReceived.
  ParsePush.HandlePush(userInfo);
}

In Windows 8, you may also receive the JSON payload from the LaunchActivatedEventArgs passed to your application's OnLaunched event.

protected override void OnLaunched(LaunchActivatedEventArgs args) {
  var json = ParsePush.PushJson(args);
  object objectId;
  if (json.TryGetValue("objectId", out objectId)) {
    DisplayRichMessageWithObjectId(objectId as string);
  }
};

In Windows Phone 8, this code would instead be in your page's OnNavigatedTo event:

public override void OnNavigatedTo(NavigationEventArgs args) {
  var json = ParsePush.PushJson(args);
  object objectId;
  if (json.TryGetValue("objectId", out objectId)) {
    DisplayRichMessageWithObjectId(objectId as string);
  }
}

Tracking Pushes and App Opens

To track your users' engagement over time and the effect of push notifications, we provide some hooks in the ParseAnalytics class. In the example above, add the following to your Launching event handler to collect information about when your application was opened, and what triggered it.

ParseAnalytics.TrackAppOpenedAsync(launchArgs);

To track push opens, you should always pass your event handler's input args to TrackAppOpenedAsync. A null or empty parameter to TrackAppOpenedAsync will track only a standard app-opened event, not the push-opened event. If you don't track the push-opened event, you will not be able to use advanced analytics features such as push-open graphs and A/B testing.

Please be sure to set up your application to save the Installation object Push open tracking only works when your application's devices are associated with saved Installation objects.

You can view the open rate for a specific push notification on your Parse.com push console. You can also view your application's overall app open and push open graphs on the Parse analytics console. Our push open analytics graphs are rendered in real time, so you can easily verify that your application is sending the correct analytics events before your next release.

Tracking on WinRT Applications

On Windows 8, a toast notification can pass a small payload to the launch handler. We take advantage of this to pass a small Parse payload to the app, in order to correlate an app launch with a particular push.

// Override Application.OnLaunched
virtual void OnLaunched(LaunchActivatedEventArgs args) {
    // 'args' contains arguments that are passed to the app
    // during its launch activation from a Toast.
    // More on Toasts: http://msdn.microsoft.com/en-us/library/windows/apps/hh779727.aspx
    ParseAnalytics.TrackAppOpenedAsync(args);
}

Tracking on Windows Phone Applications

You can also track application launches from toast notifications in Windows Phone 8. To track application launches from toasts and tiles, add the following to your App constructor:

this.Startup += (sender, args) => {
  ParseAnalytics.TrackAppOpens(RootFrame);
};

This method will set up event handlers necessary to track all app launches; you should not use TrackAppOpenedAsync if you register event handlers with TrackAppOpens.

Tracking on Xamarin Applications

This feature is not supported yet in Xamarin Applications.

Push Experiments

You can A/B test your push notifications to figure out the best way to keep your users engaged. With A/B testing, you can simultaneously send two versions of your push notification to different devices, and use each version's push open rates to figure out which one is better. You can test by either message or send time.

A/B Testing

Our web push console guides you through every step of setting up an A/B test.

For each push campaign sent through the Parse web push console, you can allocate a subset of your devices to be in the experiment's test audience, which Parse will automatically split into two equally-sized experiment groups. For each experiment group, you can specify a different push message. The remaining devices will be saved so that you can send the winning message to them later. Parse will randomly assign devices to each group to minimize the chance for a test to affect another test's results (although we still don't recommend running multiple A/B tests over the same devices on the same day).

After you send the push, you can come back to the push console to see in real time which version resulted in more push opens, along with other metrics such as statistical confidence interval. It's normal for the number of recipients in each group to be slightly different because some devices that we had originally allocated to that experiment group may have uninstalled the app. It's also possible for the random group assignment to be slightly uneven when the test audience size is small. Since we calculate open rate separately for each group based on recipient count, this should not significantly affect your experiment results.

If you are happy with the way one message performed, you can send that to the rest of your app's devices (i.e. the “Launch Group”). This step only applies to A/B tests where you vary the message.

Push experiments are supported on all recent Parse SDKs (iOS v1.2.13+, Android v1.4.0+, .NET v1.2.7+). Before running experiments, you must instrument your app with push open tracking.

Experiment Statistics

Parse provides guidance on how to run experiments to achieve statistically significant results.

Test Audience Size

When you setup a push message experiment, we'll recommend the minimum size of your test audience. These recommendations are generated through simulations based on your app's historical push open rates. For big push campaigns (e.g. 100k+ devices), this recommendation is usually small subset of your devices. For smaller campaigns (e.g. < 5k devices), this recommendation is usually all devices. Using all devices for your test audience will not leave any remaining devices for the launch group, but you can still gain valuable insight into what type of messaging works better so you can implement similar messaging in your next push campaign.

Confidence Interval

After you send your pushes to experiment groups, we'll also provide a statistical confidence interval when your experiment has collected enough data to have statistically significant results. This confidence interval is in absolute percentage points of push open rate (e.g. if the open rates for groups A and B are 3% and 5%, then the difference is reported as 2 percentage points). This confidence interval is a measure of how much difference you would expect to see between the two groups if you repeat the same experiment many times.

Just after a push send, when only a small number of users have opened their push notifications, the open rate difference you see between groups A and B could be due to random chance, so it might not be reproducible if you run the same experiment again. After your experiment collects more data over time, we become increasingly confident that the observed difference is a true difference. As this happens, the confidence interval will become narrower, allowing us to more accurately estimate the true difference between groups A and B. Therefore, we recommend that you wait until there is enough data to generate a statistical confidence interval before deciding which group's push is better.

Troubleshooting

Setting up Push Notifications is often a source of frustration for developers. The process is complicated and invites problems to happen along the way. If you run into issues, try some of these troubleshooting tips.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Config

Parse Config

ParseConfig is a way to configure your applications remotely by storing a single configuration object on Parse. It enables you to add things like feature gating or a simple "Message of the Day". To start using ParseConfig you need to add a few key/value pairs (parameters) to your app on the Parse Config Dashboard.

After that you will be able to fetch the ParseConfig on the client, like in this example:

ParseConfig config = null;
try {
  config = await ParseConfig.GetAsync();
} catch (Exception e) {
  // Something went wrong (e.g. request timed out)
}

Retrieving Config

ParseConfig is built to be as robust and reliable as possible, even in the face of poor internet connections. Caching is used by default to ensure that the latest successfully fetched config is always available. In the below example we use GetAsync to retrieve the latest version of config from the server, and if the fetch fails we can simply fall back to the version that we successfully fetched before via CurrentConfig.

ParseConfig config = null;
try {
  config = await ParseConfig.GetAsync();
  Console.WriteLine("Yay! Config was fetched from the server.");
} catch (Exception e) {
  Console.WriteLine("Failed to fetch. Using Cached Config.");
  config = ParseConfig.CurrentConfig;
}

string welcomeMessage = null;
boolean result = config.TryGetValue("welcomeMessage", out welcomeMessage);
if (!result) {
  Console.WriteLine("Falling back to default message.");
  welcomeMessage = "Welcome!";
}

Console.WriteLine(String.Format("Welcome Messsage From Config = {0}", welcomeMessage));

Current Config

Every ParseConfig instance that you get is always immutable. When you retrieve a new ParseConfig in the future from the network, it will not modify any existing ParseConfig instance, but will instead create a new one and make it available via ParseConfig.CurrentConfig. Therefore, you can safely pass around any ParseConfig object and safely assume that it will not automatically change.

It might be troublesome to retrieve the config from the server every time you want to use it. You can avoid this by simply using the cached CurrentConfig object and fetching the config only once in a while.

public class Helper
{
  private static TimeSpan configRefreshInterval = TimeSpan.FromHours(12);
  private static DateTime? lastFetchedDate;

  // Fetches the config at most once every 12 hours per app runtime
  public static void FetchConfigIfNeeded()
  {
    if (lastFetchedDate == null ||
        DateTime.Now - lastFetchedDate > configRefreshInterval) {
      lastFetchedDate = DateTime.Now;
      ParseConfig.GetAsync();
    }
  }
}

Parameters

ParseConfig supports most of the data types supported by ParseObject:

We currently allow up to 100 parameters in your config and a total size of 128KB across all parameters.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Analytics

Parse provides a number of hooks for you to get a glimpse into the ticking heart of your app. We understand that it's important to understand what your app is doing, how frequently, and when.

While this section will cover different ways to instrument your app to best take advantage of Parse's analytics backend, developers using Parse to store and retrieve data can already take advantage of metrics on Parse.

Without having to implement any client-side logic, you can view real-time graphs and breakdowns (by device type, Parse class name, or REST verb) of your API Requests in your app's dashboard and save these graph filters to quickly access just the data you're interested in.

App-Open / Push Analytics

Our initial analytics hook allows you to track your application being launched. By adding the following line to your Launching event handler, you'll be able to collect data on when and how often your application is opened.

ParseAnalytics.TrackAppOpenedAsync();

Graphs and breakdowns of your statistics are accessible from your app's Dashboard.

Further analytics are available around push notification delivery and open rates. Take a look at the Tracking Pushes and App Opens subsection of our Push Guide for more detailed information on handling remote notification payloads and push-related callbacks.

Custom Analytics

ParseAnalytics also allows you to track free-form events, with a handful of string keys and values. These extra dimensions allow segmentation of your custom events via your app's Dashboard.

Say your app offers search functionality for apartment listings, and you want to track how often the feature is used, with some additional metadata.

var dimensions = new Dictionary<string, string> {
  // Define ranges to bucket data points into meaningful segments
  { "priceRange", "1000-1500" },
  // Did the user filter the query?
  { "source", "craigslist" },
  // Do searches happen more often on weekdays or weekends?
  { "dayType", "weekday" }
};
// Send the dimensions to Parse along with the 'search' event
ParseAnalytics.TrackEventAsync("search", dimensions);

ParseAnalytics can even be used as a lightweight error tracker — simply invoke the following and you'll have access to an overview of the rate and frequency of errors, broken down by error code, in your application:

var errDimensions = new Dictionary<string, string> {
  { "code", Convert.ToString(error.Code) }
};
ParseAnalytics.TrackEventAsync("error", errDimensions );

Note that Parse currently only stores the first eight dimension pairs per call to ParseAnalytics.TrackEventAsync().

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Cloud Code

What is Cloud Code?

Parse's vision is to let developers build any mobile app without dealing with servers. For complex apps, sometimes you just need a bit of logic that isn't running on a mobile device. Cloud Code makes this possible.

Cloud Code is easy to use because it's built on the same JavaScript SDK that powers thousands of apps. The only difference is that this code runs in the Parse Cloud rather than running on a mobile device. When you update your Cloud Code, it becomes available to all mobile environments instantly. You don't have to wait for a new release of your application. This lets you change app behavior on the fly and add new features faster.

Even if you're only familiar with mobile development, we hope you'll find Cloud Code straightforward and easy to use.

Getting Started

On the computer you use for development, you will need to install Parse's command line tool. This will let you manage your code in the Parse Cloud. You can learn more about the features of the command line tool in the Command Line Tool guide.

Installing the Command Line Tool

Mac/Linux

In Mac OS and Linux/Unix environments, you can get the parse tool by running this command:

curl -s https://www.parse.com/downloads/cloud_code/installer.sh | sudo /bin/bash

This installs a tool named "parse" to /usr/local/bin/parse. There's no other junk, so to uninstall, just delete that file. This will also update your command line tool if you already have it installed.

Windows

The Parse command line tool for Windows is available here.

Setting Up Cloud Code

The next step is to create a directory to store the code that you will run in the cloud. The command parse new sets up this directory, and will prompt you to pick which app you are creating Cloud Code for:

$ parse new MyCloudCode
Email: ninja@gmail.com
Password:
1:MyApp
Select an App: 1
$ cd MyCloudCode

Use the email address and password for your Parse account to log in. If you signed up via OAuth and never set a password, you should now set one by editing your account settings. This will create a directory called MyCloudCode in the current directory. Several files are automatically created for you:

-config/
  global.json
-cloud/
  main.js
-public/
  index.html

The config directory contains a JSON configuration file that you shouldn't normally need to deal with, the cloud directory stores your Cloud Code, and the public directory stores any static content that you want to host on Parse. In the cloud directory, you'll typically just be editing main.js, which stores all of your Cloud Code functions. For now, just check that these files were created successfully. If you're using source control, you can check all of these files in.

We recommend using source control to check in all of these files. If you're not already set up with source control, try this tutorial from GitHub. Keep in mind that these files will contain keys you want to keep private.

A Simple Function

Following ancient tradition, let's see how to run the simplest possible function in the cloud. If you take a look at cloud/main.js, you'll see an example function that just returns a string:

Parse.Cloud.define("hello", function(request, response) {
  response.success("Hello world!");
});

To deploy the code from your machine to the Parse Cloud, run:

$ parse deploy

To run this function once it's deployed, run:

ParseCloud.callFunctionInBackground("hello", new HashMap<String, Object>(), new FunctionCallback<String>() {
  void done(String result, ParseException e) {
    if (e == null) {
      // result is "Hello world!"
    }
  }
});
[PFCloud callFunctionInBackground:@"hello"
                   withParameters:@{}
                            block:^(NSString *result, NSError *error) {
   if (!error) {
     // result is @"Hello world!"
   }
}];
PFCloud.callFunctionInBackground("hello", withParameters: nil) {
  (response: AnyObject?, error: NSError?) -> Void in
  let responseString = response as? String
}
$result = ParseCloud::run("hello", []);
var result = await ParseCloud.CallFunctionAsync<IDictionary<string, object>>("hello", new Dictionary<string, object>());
// result is "Hello world!"
Parse.Cloud.run('hello', {}, {
  success: function(result) {
    // result is 'Hello world!'
  },
  error: function(error) {
  }
});

You should see this response:

{ "result": "Hello world!" }

Congratulations! You have successfully deployed and run Cloud Code.

This is a good time to play around with the deployment cycle. Try changing "Hello world!" to a different string, then deploy and run the function again to get a different result. The whole JavaScript SDK is available in Cloud Code, so there's a lot you can do. We'll go over some examples in more detail below.

Cloud Functions

Let's look at a slightly more complex example where Cloud Code is useful. One reason to do computation in the cloud is so that you don't have to send a huge list of objects down to a device if you only want a little bit of information. For example, let's say you're writing an app that lets people review movies. A single Review object could look like:

{
  "movie": "The Matrix",
  "stars": 5,
  "comment": "Too bad they never made any sequels."
}

If you wanted to find the average number of stars for The Matrix, you could query for all of the reviews, and average the stars on the device. However, this uses a lot of bandwidth when you only need a single number. With Cloud Code, we can just pass up the name of the movie, and return the average star rating.

Cloud functions accept a JSON parameters dictionary on the request object, so we can use that to pass up the movie name. The entire Parse JavaScript SDK is available in the cloud environment, so we can use that to query over Review objects. Together, the code to implement averageStars looks like:

Parse.Cloud.define("averageStars", function(request, response) {
  var query = new Parse.Query("Review");
  query.equalTo("movie", request.params.movie);
  query.find({
    success: function(results) {
      var sum = 0;
      for (var i = 0; i < results.length; ++i) {
        sum += results[i].get("stars");
      }
      response.success(sum / results.length);
    },
    error: function() {
      response.error("movie lookup failed");
    }
  });
});

The only difference between using averageStars and hello is that we have to provide the parameter that will be accessed in request.params.movie when we call the Cloud function. Read on to learn more about how Cloud functions can be called.

Cloud functions can be called from any of the client SDKs, as well as through the REST API (go back to our list of Platforms to switch SDKs). For example, to call the Cloud function named averageStars with a parameter named movie:

HashMap<String, Object> params = new HashMap<String, Object>();
params.put("movie", "The Matrix");
ParseCloud.callFunctionInBackground("averageStars", params, new FunctionCallback<Float>() {
   void done(Float ratings, ParseException e) {
       if (e == null) {
          // ratings is 4.5
       }
   }
});
[PFCloud callFunctionInBackground:@"averageStars"
                   withParameters:@{@"movie": @"The Matrix"}
                            block:^(NSNumber *ratings, NSError *error) {
  if (!error) {
     // ratings is 4.5
  }
}];
PFCloud.callFunctionInBackground("averageRatings", withParameters: ["movie":"The Matrix"]) {
  (response: AnyObject?, error: NSError?) -> Void in
  let ratings = response as? Float
  // ratings is 4.5
}
$ratings = ParseCloud::run("averageRatings", ["movie" => "The Matrix"]);
// $ratings is 4.5
IDictionary<string, object> params = new Dictionary<string, object>
{
    { "movie", "The Matrix" }
};
var result = await ParseCloud.CallFunctionAsync<IDictionary<string, object>>("averageStars", params);
Parse.Cloud.run('averageStars', { movie: 'The Matrix' }, {
  success: function(ratings) {
    // ratings should be 4.5
  },
  error: function(error) {
  }
});

In general, two arguments will be passed into cloud functions:

  1. request - The request object contains information about the request. The following fields are set:
    1. params - The parameters object sent to the function by the client.
    2. user - The Parse.User that is making the request. This will not be set if there was no logged-in user.

If the function is successful, the response in the client looks like:

{ "result": 4.8 }

If there is an error, the response in the client looks like:

{
  "code": 141,
  "error": "movie lookup failed"
}

beforeSave Triggers

Implementing validation

Another reason to run code in the cloud is to enforce a particular data format. For example, you might have both an Android and an iOS app, and you want to validate data for each of those. Rather than writing code once for each client environment, you can write it just once with Cloud Code.

Let's take a look at our movie review example. When you're choosing how many stars to give something, you can typically only give 1, 2, 3, 4, or 5 stars. You can't give -6 stars or 1337 stars in a review. If we want to reject reviews that are out of bounds, we can do this with the beforeSave method:

Parse.Cloud.beforeSave("Review", function(request, response) {
  if (request.object.get("stars") < 1) {
    response.error("you cannot give less than one star");
  } else if (request.object.get("stars") > 5) {
    response.error("you cannot give more than five stars");
  } else {
    response.success();
  }
});

If response.error is called, the Review object will not be saved, and the client will get an error. If response.success is called, the object will be saved normally. Your code should call one of these two callbacks.

One useful tip is that even if your mobile app has many different versions, the same version of Cloud Code applies to all of them. Thus, if you launch an application that doesn't correctly check the validity of input data, you can still fix this problem by adding a validation with beforeSave.

If you want to use beforeSave for a predefined class in the Parse JavaScript SDK (e.g. Parse.User), you should not pass a String for the first argument. Instead, you should pass the class itself:

Parse.Cloud.beforeSave(Parse.User, function(request, response) {
  if (!request.object.get("email")) {
    response.error("email is required for signup");
  } else {
    response.success();
  }
});

Modifying Objects on Save

In some cases, you don't want to throw out invalid data. You just want to tweak it a bit before saving it. beforeSave can handle this case, too. You just call response.success on the altered object.

In our movie review example, we might want to ensure that comments aren't too long. A single long comment might be tricky to display. We can use beforeSave to truncate the comment field to 140 characters:

Parse.Cloud.beforeSave("Review", function(request, response) {
  var comment = request.object.get("comment");
  if (comment.length > 140) {
    // Truncate and add a ...
    request.object.set("comment", comment.substring(0, 137) + "...");
  }
  response.success();
});

afterSave Triggers

In some cases, you may want to perform some action, such as a push, after an object has been saved. You can do this by registering a handler with the afterSave method. For example, suppose you want to keep track of the number of comments on a blog post. You can do that by writing a function like this:

Parse.Cloud.afterSave("Comment", function(request) {
  query = new Parse.Query("Post");
  query.get(request.object.get("post").id, {
    success: function(post) {
      post.increment("comments");
      post.save();
    },
    error: function(error) {
      console.error("Got an error " + error.code + " : " + error.message);
    }
  });
});

The client will receive a successful response to the save request after the handler terminates, regardless of how it terminates. For instance, the client will receive a successful response even if the handler throws an exception. Any errors that occurred while running the handler can be found in the Cloud Code log.

If you want to use afterSave for a predefined class in the Parse JavaScript SDK (e.g. Parse.User), you should not pass a String for the first argument. Instead, you should pass the class itself.

beforeDelete Triggers

You can run custom Cloud Code before an object is deleted. You can do this with the beforeDelete method. For instance, this can be used to implement a restricted delete policy that is more sophisticated than what can be expressed through ACLs. For example, suppose you have a photo album app, where many photos are associated with each album, and you want to prevent the user from deleting an album if it still has a photo in it. You can do that by writing a function like this:

Parse.Cloud.beforeDelete("Album", function(request, response) {
  query = new Parse.Query("Photo");
  query.equalTo("album", request.object.id);
  query.count({
    success: function(count) {
      if (count > 0) {
        response.error("Can't delete album if it still has photos.");
      } else {
        response.success();
      }
    },
    error: function(error) {
      response.error("Error " + error.code + " : " + error.message + " when getting photo count.");
    }
  });
});

If response.error is called, the Album object will not be deleted, and the client will get an error. If response.success is called, the object will be deleted normally. Your code should call one of these two callbacks.

If you want to use beforeDelete for a predefined class in the Parse JavaScript SDK (e.g. Parse.User), you should not pass a String for the first argument. Instead, you should pass the class itself.

afterDelete Triggers

In some cases, you may want to perform some action, such as a push, after an object has been deleted. You can do this by registering a handler with the afterDelete method. For example, suppose that after deleting a blog post, you also want to delete all associated comments. You can do that by writing a function like this:

Parse.Cloud.afterDelete("Post", function(request) {
  query = new Parse.Query("Comment");
  query.equalTo("post", request.object.id);
  query.find({
    success: function(comments) {
      Parse.Object.destroyAll(comments, {
        success: function() {},
        error: function(error) {
          console.error("Error deleting related comments " + error.code + ": " + error.message);
        }
      });
    },
    error: function(error) {
      console.error("Error finding related comments " + error.code + ": " + error.message);
    }
  });
});

The afterDelete handler can access the object that was deleted through request.object. This object is fully fetched, but cannot be refetched or resaved.

The client will receive a successful response to the delete request after the handler terminates, regardless of how it terminates. For instance, the client will receive a successful response even if the handler throws an exception. Any errors that occurred while running the handler can be found in the Cloud Code log.

If you want to use afterDelete for a predefined class in the Parse JavaScript SDK (e.g. Parse.User), you should not pass a String for the first argument. Instead, you should pass the class itself.

Resource Limits

Timeouts

Cloud functions will be killed after 15 seconds of wall clock time. beforeSave, afterSave, beforeDelete, and afterDelete functions will be killed after 3 seconds of run time. If a Cloud function or a beforeSave/afterSave/beforeDelete/afterDelete function is called from another Cloud Code call, it will be further limited by the time left in the calling function. For example, if a beforeSave function is triggered by a cloud function after it has run for 13 seconds, the beforeSave function will only have 2 seconds to run, rather than the normal 3 seconds. If you need additional time to perform operations in Cloud Code, consider using a background job.

Network requests

Network requests that are still in progress after success or error are called will be canceled. In general, you should wait for all network requests to finish before calling success. For afterSave functions and afterDelete functions, which don't call success/error, Cloud Code will wait for all network requests to finish.

Here's an example where calling response.success will cancel an outstanding query, leading to unexpected results:

Parse.Cloud.define("ThisFunctionWillNotReturnAllDataAsExpected", function(request, response) {
  var results = "Retrieved all Posts:\n"
  var query = new Parse.Query("Post");

  // This query.find() is unlikely to finish before response.success() is called.
  query.find().then(function(posts) {
    for (var i = 0; i < posts.length; i++) {
      results += posts[i].get('title') + "\n";
    }  
  });

  response.success(results); // Response: "Retrieval all Posts:\n"
});

This is a common mistake that can be easily avoided. Make sure that you only call success once all of your network queries have returned data, such as in the following example:

Parse.Cloud.define("ThisFunctionWillReturnAllData", function(request, response) {
  var results = "Retrieved all Posts:\n"
  var query = new Parse.Query("Post");

  query.find().then(function(posts) {
    for (var i = 0; i < posts.length; i++) {
      results += posts[i].get('title') + "\n";
    }

    // success has been moved inside the callback for query.find()
    response.success(results);
  }, function(error) {
    // Make sure to catch any errors, otherwise you may see a "success/error not called" error in Cloud Code.
    response.error("Could not retrieve Posts, error " + error.code + ": " + error.message);
  });

});

Logging from Cloud Code

If you want to log a message to the log files displayed by parse log, you can use console.log, console.error, or console.warn. Both console.error and console.warn will write to the error log.

Parse.Cloud.define("Logger", function(request, response) {
  console.log(request.params);
  response.success();
});

Cloud functions may log up to 100 messages per request. Log lines are limited to 1KB in size, after which they are truncated.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Advanced Cloud Code

Networking

Cloud Code allows sending HTTP requests to any HTTP Server using Parse.Cloud.httpRequest. This function takes an options object to configure the call. There is a limit of 8 concurrent httpRequests per Cloud Code request, and additional requests will be queued up.

A simple GET request would look like:

Parse.Cloud.httpRequest({
  url: 'http://www.parse.com/'
}).then(function(httpResponse) {
  // success
  console.log(httpResponse.text);
},function(httpResponse) {
  // error
  console.error('Request failed with response code ' + httpResponse.status);
});

Parse.Cloud.httpRequest returns a Promise that will be resolved on a successful http status code; otherwise the Promise will be rejected. In the above example, we use then() to handle both outcomes.

A GET request that specifies the port number would look like:

Parse.Cloud.httpRequest({
  url: 'http://www.parse.com:8080/'
}).then(function(httpResponse) {
  console.log(httpResponse.text);
}, function(httpResponse) {
  console.error('Request failed with response code ' + httpResponse.status);
});

Valid port numbers are 80, 443, and all numbers from 1025 through 65535.

Query Parameters

You can specify query parameters to append to the end of the url by setting params on the options object. You can either pass a JSON object of key value pairs like:

Parse.Cloud.httpRequest({
  url: 'http://www.google.com/search',
  params: {
    q : 'Sean Plott'
  }
}).then(function(httpResponse) {
  console.log(httpResponse.text);
}, function(httpResponse) {
  console.error('Request failed with response code ' + httpResponse.status);
});

or as a raw String like this:

Parse.Cloud.httpRequest({
  url: 'http://www.google.com/search',
  params: 'q=Sean Plott'
}).then(function(httpResponse) {
  console.log(httpResponse.text);
}, function(httpResponse) {
  console.error('Request failed with response code ' + httpResponse.status);
});

Setting Headers

You can send HTTP Headers by setting the header attribute of the options object. Let's say you want set the Content-Type of the request, you can do:

Parse.Cloud.httpRequest({
  url: 'http://www.example.com/',
  headers: {
    'Content-Type': 'application/json;charset=utf-8'
  }
}).then(function(httpResponse) {
  console.log(httpResponse.text);
}, function(httpResponse) {
  console.error('Request failed with response code ' + httpResponse.status);
});

Sending a POST Request

You can send a post request by setting the method attribute of the options object. The body of the POST can be set using the body. A simple example would be:

Parse.Cloud.httpRequest({
  method: 'POST',
  url: 'http://www.example.com/create_post',
  body: {
    title: 'Vote for Pedro',
    body: 'If you vote for Pedro, your wildest dreams will come true'
  }
}).then(function(httpResponse) {
  console.log(httpResponse.text);
}, function(httpResponse) {
  console.error('Request failed with response code ' + httpResponse.status);
});

This will send a post to http://www.example.com/create_post with body that is the url form encoded body attribute. If you want the body to be JSON encoded, you can instead do:

Parse.Cloud.httpRequest({
  method: 'POST',
  url: 'http://www.example.com/create_post',
  headers: {
    'Content-Type': 'application/json;charset=utf-8'
  },
  body: {
    title: 'Vote for Pedro',
    body: 'If you vote for Pedro, your wildest dreams will come true'
  }
}).then(function(httpResponse) {
  console.log(httpResponse.text);
}, function(httpResponse) {
  console.error('Request failed with response code ' + httpResponse.status);
});

To ensure that your HTTP request body is encoded correctly, please always include the charset in your Content-Type header.

Following Redirects

By default, Parse.Cloud.httpRequest does not follow redirects caused by HTTP 3xx response codes. You can use the followRedirects option to change this behavior to follow redirects:

Parse.Cloud.httpRequest({
  url: 'http://www.example.com/',
  followRedirects: true
}).then(function(httpResponse) {
  console.log(httpResponse.text);
}, function(httpResponse) {
  console.error('Request failed with response code ' + httpResponse.status);
});

The Response Object

The response object passed into the success and error will contain:

  1. status - The HTTP Response status.
  2. headers** - The response headers
  3. buffer - The raw byte representation of the response body.
  4. text - The raw response body.
  5. data - The parsed response, if Cloud Code knows how to parse the content-type that was sent.
  6. cookies - The cookies sent by the server. They are Parse.Cloud.Cookie objects.

Modules

Cloud Code supports breaking up JavaScript code into modules. You can check out this tutorial for an in depth look at creating your own. In order to avoid unwanted side effects from loading modules, Cloud Code's modules work similarly to CommonJS modules. When a module is loaded, the JavaScript file is loaded, the source executed and the global exports object is returned. For example, if cloud/name.js has the following source:

var coolNames = ['Ralph', 'Skippy', 'Chip', 'Ned', 'Scooter'];
exports.isACoolName = function(name) {
  return coolNames.indexOf(name) !== -1;
}

and cloud/main.js contains:

var name = require('cloud/name.js');
name.isACoolName('Fred'); // returns false
name.isACoolName('Skippy'); // returns true;
name.coolNames; // undefined.

name contains a function called isACoolName. The path used by require is relative to the root directory of your Parse project. Only modules in the cloud/ directory can be loaded.

Cloud Code Webhooks

Webhooks allow you to write your server-side logic in your own environment with any tools you wish to use. This can be useful if you want to use a language other than JavaScript, host it yourself for improved testing capabilities, or if you require a specialized library or technology not available in Cloud Code. Webhooks are currently available for beforeSave, afterSave, beforeDelete, afterDelete, and Cloud functions. To specify a new webhook, you can use the Parse Dashboard in the Webhooks section located under Core.

We've written an example Cloud Code Webhooks server, in Express.js, which you can find on Github: CloudCodeWebhooks-Express.

Cloud Function Webhooks

A webhook request for a Cloud function will contain the following parameters:

To respond to this request, send a JSON object with the key error or success set. In the case of success, send back any data your client will expect; or simply true if your client doesn't require any data. In the case of error, the value provided should be the error message you want to return.

To create a webhook for a Cloud function, start by writing the function's code on your own server. Here's the simple hello world function written in a Rails environment.

# We need to disable CSRF protection for webhooks to work. Instead we
# use the webhook key to prove authenticity. protect_from_forgery :except => :index

def index
  # Ensure the request is authorized. You can find this key on your app's settings page
  # and you should ALWAYS validate it in your request.
  if request.headers['X-Parse-Webhook-Key'] !== @webhook_key
    return render :json => { :error => "Request Unauthorized"}
  end

  # Check the function name and return a message if it's correct
  if params[:functionName] == "helloWorld"
    return render :json => { :success => "Hello World!" }
  end

  # Return an error if it's not the function we expected 
  return render :json => { :error => "Unknown function"}
end

Here's an example of the JSON data that would be sent in the request to this webhook:

// Sent to webhook 
{
  "master": false, 
  "user": { 
    "createdAt": "2015-03-24T20:19:00.542Z", 
    "objectId": "lValKpphWN", 
    "sessionToken": "orU3ClA7sqMIN8g4KtmLe7eDM", 
    "updatedAt": "2015-03-24T20:19:00.542Z", 
    "username": "Matt" 
  }, 
  "installationId": "b3ab24c6-2282-69fa-eeea-c1b36ea497c2", 
  "params": {}, 
  "functionName": "helloWorld" 
}

This response would indicate a success in the webhook:

// Returned from the webhook on success
{ "success": "Hello World!" }

This response would indicate an error in the webhook:

// Returned from the webhook on error 
{ "error": "Error message >:(" }

You can activate this webhook from the Dashboard UI.

Once the webhook is set, you can call it from any of our SDKs or from the REST API, the same way you would a normal Cloud function.

Here's a more complex example where we use a webhook to perform some task for our billing pipeline. We'll use the popular resque gem to enqueue a job that handles billing the given user. For this example, the function is named chargeCustomer and it should always be called with the master key.

# We need to disable CSRF protection for webhooks to work. Instead we 
# use the webhook key to prove authenticity. 
protect_from_forgery :except => :index

def index 
  # Ensure the request is validated 
  if request.headers['X-Parse-Webhook-Key'] !== @webhook_key 
    return render :json => { :error => "Request Unauthorized"} 
  end

  # Check the function name 
  if params[:functionName] == "chargeCustomer" && params[:master] == true 
    # extract the custom parameters sent with the function 
    custom_params = params[:params] 
    user_id = custom_params["userObjectId"]

    # enqueue a resque job to bill the user 
    Resque.enqueue(BillingJob, user_id)

    # return a json object of this billing info 
    return render :json => { :success => "User billed!" } 
  end

  return render :json => { :error => "Unknown function"} 
end

Here's an example of the JSON data that would be sent in the request to this webhook:

// Sent to webhook 
{ 
  "master": true, 
  "installationId": "b3ab24c6-2282-69fa-eeea-c1b36ea497c2", 
  "params": { "userObjectId": "6eaI2sTgH6" }, 
  "functionName": "chargeCustomer" 
}

This response would indicate a success in the webhook:

// Returned from the webhook on success 
{ "success": "User billed!" }

Set your webhook from the Dashboard UI. After that, it's available from all SDKs and the REST API the same way you would a normal Cloud function

Webhooks are great when you want to use a specialized technology not available on Parse's Cloud Code. In this case we made use of an open source library and integrated with a separate data source where our billing info might be stored for legacy reasons.

beforeSave Webhooks

Let's write a beforeSave trigger to truncate movie review comments that are more than 140 characters long using our own Rails server and a webhook.

For triggers, the following parameters are sent to your webhook.

To respond to a beforeSave request, send a JSON object with the key error or success set. This is the same as for Cloud functions, but there's an extra capability with beforeSave triggers. By returning an error, you will cancel the save request and the object will not be stored on Parse. You can also return a JSON object in this following format to override the values that will be saved for the object:

{ 
  "className": "AwesomeClass", 
  "existingColumn": "sneakyChange", 
  "newColumn": "sneakyAddition" 
}

Let's recreate our trigger to truncate moview review comments that are longer than 140 characters.

# We need to disable CSRF protection for webhooks to work. Instead we 
# use the webhook key to prove authenticity. 
protect_from_forgery :except => :reviews

def reviews 
  if request.headers['X-Parse-Webhook-Key'] != @webhook_key 
    return render :json => { :error => "Request Unauthorized"} 
  end

  review = params[:object] 
  if params[:triggerName] == "beforeSave" && review["className"] == "Review" 
    # truncate the object and return the new data 
    if review["comment"].length > 140 
      review["comment"] = review["comment"].truncate(140) 
      return render :json => { :success => review } 
    end

    # if the comment is ok we just return a success 
    return render :json => { :success => true } 
  end

  return render :json => { :error => "Unknown trigger"}
end

Here's an example of the JSON data that would be sent in the request to this webhook:

// Sent to webhook 
{ 
  "master": false, 
  "user": { 
    "createdAt": "2015-03-24T20:19:00.542Z", 
    "objectId": "lValKpphWN", 
    "sessionToken": "orU3ClA7sqMIN8g4KtmLe7eDM", 
    "updatedAt": "2015-03-24T20:19:00.542Z", 
    "username": "Matt" 
  }, 
  "installationId": "b3ab24c6-2282-69fa-eeea-c1b36ea497c2", 
  "triggerName": "beforeSave", 
  "object": { 
    "className": "Comment", 
    "comment": "A very long comment that will be truncated to be just 140 characters. I sure love using Parse, it's just so easy to get started :)! Hopefully that part doesn't get truncated :/" 
  } 
}

This response would indicate a success in the webhook:

// Returned from the webhook on success
{ 
  "success": { 
    "className": "Comment", 
    "comment": "A very long comment that will be truncated to be just 140 characters. I sure love using Parse, it's just so easy to get started :)! Hopef..."
  } 
}

afterSave Webhooks

Like we've seen in Cloud Code, it's also possible to run some code after an object has been saved using a webhook. The parameters sent to your webhook are the same as for beforeSave triggers but we'll repeat them here for clarity.

No response is required for afterSave triggers.

Let's take the same example we created in Cloud Code in the last chapter; keeping track of the number of comments on a blog post. But instead of storing the number in our Parse database, we'll store the count in a separate data source accessible by our Rails app. This could be useful if you're storing data that will be used to run custom analysics instead of being served to your users through a client.

# We need to disable CSRF protection for webhooks to work. Instead we 
# use the webhook key to prove authenticity. 
protect_from_forgery :except => :comments

def comments 
  if request.headers['X-Parse-Webhook-Key'] != @webhook_key 
    return render :nothing => true 
  end

  comment = params[:object] 
  if params[:triggerName] == "afterSave" && comment["className"] == "Comment" 
    post = comment["post"] 
    @post_model = Post.where("id = #{post["objectId"]}") 
    @post_model.increment(:comments_count, 1) 
    @post_model.save! 
    return render :nothing => true 
  end 

  render :nothing => true
end

Here's an example of the JSON data that would be sent in the request to this webhook:

```json
// Sent to webhook 
{ 
  "master": false, 
  "user": { 
    "createdAt": "2015-03-24T20:19:00.542Z", 
    "objectId": "lValKpphWN", 
    "sessionToken": "orU3ClA7sqMIN8g4KtmLe7eDM", 
    "updatedAt": "2015-03-24T20:19:00.542Z", 
    "username": "Matt" 
  }, 
  "installationId": "b3ab24c6-2282-69fa-eeea-c1b36ea497c2", 
  "triggerName": "afterSave", 
  "object": { 
    "objectId": "zPnDyvj0vd", 
    "className": "Comment", 
    "createdAt": "2015-03-25T00:00:57.055Z", 
    "updatedAt": "2015-03-25T00:00:57.055Z", 
    "post": { 
      "__type": "Pointer", 
      "className": "Post", 
      "objectId": "jsUd72Sd2l" 
    } 
  } 
}

beforeDelete Webhooks

You also use webhooks for beforeDelete triggers. The parameters sent to your webhook are the same as for beforeSave and afterSave triggers but we'll repeat them here for clarity.

Just like for Cloud functions, to respond to a beforeDelete request, send a JSON object with the key error or success set. Returning an error will cancel the delete and the object will remain in your database.

As an example, let's use this trigger to prohibit a user from deleting or creating a new blog posts if they haven't paid their bill. We'll assume the billing information is currently stored in a SQL database only accessible from our Rails server. We'll use both the beforeDelete and the beforeSave triggers to disable all modifications to this class.

# We need to disable CSRF protection for webhooks to work. Instead we 
# use the webhook key to prove authenticity. 
protect_from_forgery :except => :posts

def posts 
  if request.headers['X-Parse-Webhook-Key'] != @webhook_key 
    return render :json => { :error => "Request Unauthorized"} 
  end

  post = params[:object] 
  if (params[:triggerName] == "beforeDelete" || params[:triggerName] == "beforeSave") && post["className"] == "Post" 
    @user = User.find(post['user']) 
    if !@user.paid_up 
      return render :json => { :error => "You have outstanding charges on your account. Please update your credit card information before proceeding." } 
    end 

    return render :json => { :success => true } 
  end
  return render :json => { :error => "Unknown trigger"}
end

Here's an example of the JSON data that would be sent in the request to this webhook:

// Sent to webhook 
{ 
  "master": false, 
  "user": { 
    "createdAt": "2015-03-24T20:19:00.542Z", 
    "objectId": "lValKpphWN", 
    "sessionToken": "orU3ClA7sqMIN8g4KtmLe7eDM", 
    "updatedAt": "2015-03-24T20:19:00.542Z", 
    "username": "Matt" 
  }, 
  "installationId": "b3ab24c6-2282-69fa-eeea-c1b36ea497c2", 
  "triggerName": "beforeDelete", 
  "object": { 
    "objectId": "jsUd72Sd2l", 
    "className": "Post", 
    "createdAt": "2015-03-25T00:00:57.055Z", 
    "updatedAt": "2015-03-25T00:00:57.055Z"
  } 
}

This response would indicate a success in the webhook:

// Returned from the webhook on success 
{ "success": true }

As with previous examples, for this example to work you would also need to set up the webhooks in the Dashboard for your app.

afterDelete Webhooks

The afterDelete trigger is also accessible via webhooks. The parameters sent to your webhook are the same as for other triggers but we'll repeat them here for clarity.

No response is required for afterDelete triggers.

In our webhooks example for the afterSave trigger, we updated a count in our external SQL database to track the number of comments on a post. In this example, let's decrement this count when a comment is deleted.

# We need to disable CSRF protection for webhooks to work. Instead we 
# use the webhook key to prove authenticity. 
protect_from_forgery :except => :comments

def comments 
  if request.headers['X-Parse-Webhook-Key'] != @webhook_key 
    return render :nothing => true 
  end

  comment = params[:object] 
  if params[:triggerName] == "afterDelete" && comment["className"] == "Comment" 
    @post_model = Post.where("id = #{comment['post']}") 
    @post_model.decrement(:comments_count, 1) 
    @post_model.save! 
    return render :nothing => true 
  end

  render :nothing => true
end

Here's an example of the JSON data that would be sent in the request to this webhook:

// Sent to webhook 
{ 
  "master": false, 
  "user": { 
    "createdAt": "2015-03-24T20:19:00.542Z", 
    "objectId": "lValKpphWN", 
    "sessionToken": "orU3ClA7sqMIN8g4KtmLe7eDM", 
    "updatedAt": "2015-03-24T20:19:00.542Z", 
    "username": "Matt" 
  }, 
  "installationId": "b3ab24c6-2282-69fa-eeea-c1b36ea497c2", 
  "triggerName": "afterDelete", 
  "object": { 
    "objectId": "zPnDyvj0vd", 
    "className": "Comment", 
    "createdAt": "2015-03-25T00:00:57.055Z", 
    "updatedAt": "2015-03-25T00:00:57.055Z", 
    "post": {
      "__type": "Pointer", 
      "className": "Post", 
      "objectId": "jsUd72Sd2l" 
    } 
  } 
}

After setting up your webhook in the Dashboard UI, you'll be acurately decrementing comment counts!

Resource Limits

  1. All webhooks are limited to 30 seconds. Parse will time out the request after this time limit.
  2. Cloud Code Webhooks require an HTTPS connection. Your server must have a valid SSL certificate. Self-signed certificates will not be accepted, for your security.
  3. In cases where you define a webhook for a function or a trigger that you've also implemented in Cloud Code, Parse will only call your defined webhook. Priority will always be given to your webhook over Cloud Code.
  4. In order to secure these requests and prevent others from executing this code on your server, we'll send a secret key known only to you and Parse in the X-Parse-Webhook-Key header. You should always check this value against your WebhookKey to authenticate that the webhook request is coming from Parse. You can find your Webhook key in the Keys section of your app dashboard.

Background Jobs

Parse allows you to set up jobs that run in the background. Background Jobs are useful for long running tasks such as integrating with external sites where the response time could be slow, or sending out batched push notifications. If you commonly encounter timeout errors running Cloud functions then you should consider using a Background Job.

There are a few constraints that you need to keep in mind when using Background Jobs:

Writing a Background Job

Writing a Background Job is similar to writing a Cloud function. Say you want to run a user migration job after adding a plan field to the Parse.User object. Your code would look like this:

Parse.Cloud.job("userMigration", function(request, status) {
  // Set up to modify user data
  Parse.Cloud.useMasterKey();
  var counter = 0;
  // Query for all users
  var query = new Parse.Query(Parse.User);
  query.each(function(user) {
      // Update to plan value passed in
      user.set("plan", request.params.plan);
      if (counter % 100 === 0) {
        // Set the  job's progress status
        status.message(counter + " users processed.");
      }
      counter += 1;
      return user.save();
  }).then(function() {
    // Set the job's success status
    status.success("Migration completed successfully.");
  }, function(error) {
    // Set the job's error status
    status.error("Uh oh, something went wrong.");
  });
});

As with other Cloud Functions, you should handle success and error conditions. For Background Jobs, you do this by calling either status.success() or status.error() when your function completes. Your job execution status will then be set to completed. If you don't call either of these methods, your job will time out in 15 minutes. You can optionally set a progress message while the job is executing by calling status.message(). If you call status.message() after status.success(), your progress message will be ignored.

Once you've deployed your code, you can test the job by running the following command, with your master key. Note that Background Jobs cannot be triggered from the client SDK. It is only available through the REST API.

curl -X POST \
  -H "X-Parse-Application-Id: $PARSE_APPLICATION_ID" \
  -H "X-Parse-Master-Key: $PARSE_MASTER_KEY" \
  -H "Content-Type: application/json" \
  -d '{"plan":"paid"}' \
  https://api.parse.com/1/jobs/userMigration

Setting up a Schedule

Once you've deployed your Background Job code, it can be scheduled in the Dashboard under the Cloud Code tab. The Scheduled Jobs pane lists all currently scheduled jobs and allows you to schedule a new one. To add an entry to the job schedule, select a currently deployed job then specify a description, any required parameters, the start time, and the frequency. Once a job has been scheduled you can run it on demand by clicking Run Now. You may also delete an entry in the job schedule. The Job Status pane lists the results of your job executions. You can see when a job started, its most recent status message, and whether it has completed.

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Cloud Code Hosting

Parse Hosting provides you with the tools to host static and dynamic websites. You can upload arbitraty static web content or create dynamic web apps, using the JavaScript SDK on the client side and Cloud Code plus Express on the server side. This allows you to create companion web apps for your native app, landing pages for your mobile app, or even host Unity Web Player binaries.

On the computer you use for development, you will need to install Parse's command line tool to manage your website in the Parse Cloud. Take a look at the Cloud Code guide or the Command Line Tool guide for help getting started.

You will need at least version 1.1.0 of the command line tool.

A Simple Website

Hosting static content using Parse is easy. Everything in the public directory will be hosted at your-custom-subdomain.parseapp.com. This directory sits alongside the cloud and config directories.

To deploy a Hello World website, simply do:

$ echo "Hello World" > public/index.html
$ parse deploy

To access the website you've deployed you need to set up a subdomain.

Choosing a Subdomain Name

To access your hosted content, you will first need to select a ParseApp subdomain. You can set your subdomain in the "Web Hosting" section of your app's settings. There will be a field for you to enter a ParseApp name. The subdomain name is case-insensitive, and unlike your app name, it must be unique across the entire Parse system. It may consist of 3 to 20 alphanumeric characters and dashes, and may not start or end with a dash. When you select a unique subdomain name, a checkmark is displayed to indicate that is is not yet taken.

Let's say you chose at-the-movies as the subdomain name for your website, you can now access it at the root URL at-the-movies.parseapp.com. If you upload another hosted file from public/images/background.png, then it can be accessed by pointing your browser at at-the-movies.parseapp.com/images/background.png.

Uploading Constraints

There are a few constraints for hosted files:

You are free to upload hosted content of any type you want. Parse will infer the content type from each file's extension.

Custom Domain Names

Users can also host content at a custom domain name. If you have chosen the ParseApp name at-the-movies and want to host your content at www.example.com, it requires three steps:

  1. Demonstrate that you control the DNS entries for www.example.com. You can do this by adding a CNAME to at-the-movies.parseapp.com from either www.example.com or [your_host_name_key].www.example.com. Your host name key is a 12-character string that you can find in the "Web Hosting" section in your app's settings. It can take anywhere from 15 minutes to several hours for a new DNS entry to be propagated, and the next step cannot be completed until this happens. If you are currently hosting a website at www.example.com, you will probably want to use the host name key method, otherwise your website might experience downtime for users who see the new DNS entry before you complete the next step.
  2. After your new DNS entry been propagated, you can set your host name to www.example.com in your app's hosting settings. If the first step was successful, a checkmark should show up. Otherwise, an error message will tell you what went wrong.
  3. If you verified ownership via the host name key, you will still need to add a CNAME from www.example.com to at-the-movies.parseapp.com to begin sending traffic to your hosted app.

After completing these steps, www.example.com will serve the same content as at-the-movies.parseapp.com.

If you want to serve content at an apex domain like example.com then you might have trouble with the steps above, because root domains generally don't support CNAME records. To support this situation, Parse offers a service which will redirect traffic from root domains like example.com to the www.example.com subdomain. To use this service, complete the steps above using a www-prefixed domain like www.example.com, and then create A records from example.com to one or both of the following IP addresses:

A records can be created in the settings page of your domain name service provider. After creating these A records, requests to example.com will result in a 301 (permanent) redirect to www.example.com while preserving the request path.

If you visit your hosted site over HTTPS using your custom domain, you might see a warning that the website is serving content using an SSL certificate belonging to *.parseapp.com. If you have a SSL certificate belonging to your custom domain, you can fix these warnings by uploading the public certificate file and the private key file on the "Web Hosting" section in your app's settings. If your domain's public certificate requires intermediate certificates, then you should append your public certificate, intermediate certificates, and the root certificate into a single file (in that order), and upload it as the "SSL Public Certificate" in your app settings. In 10-30 minutes, your certificate will be propagated to the Parse hosting servers and served to users who visit your hosted site over HTTPS.

Dynamic Websites

You can use Cloud Code and Express to build multi-page dynamic web apps. With the Express framework, you have many powerful tools at your fingertips, such as request routing, cookie handling, and template rendering. With Cloud Code, you have access to functionality such as interacting with Parse data and sending HTTP requests.

With Parse, you have a choice of building either a multi-page web app with Express, or a single-page Backbone app with the Parse JavaScript SDK on the client side. The Express approach has the advantage that your website can be crawled by search engines, while the client-side Backbone approach may result in more responsive apps. You can find details about Express and Cloud Code in our Express API docs.

Express can help you get your app up and running quickly, but if you prefer a lower-level Node.js-like HTTP interface, we have that too. For more details, please see our HTTP interface API docs. If you choose to use Express or Node.js, you'll first need to delete public/index.html so that requests can get through to your custom handler functions.

In this guide, we'll focus on building web apps with the Express API.

Creating a Web App

After you get Parse Hosting set up, you can generate a starter web app by typing the following inside your parse project folder.

$ parse generate express

This command creates the following directory structure inside your cloud folder. It will not touch your existing main.js file.

-cloud/
  app.js
  -views/
    hello.ejs
  main.js (not touched)

Next, you need to add the following line at the top of your main.js. This makes sure that the code in app.js is loaded.

require('cloud/app.js');

Then, run parse deploy to deploy your web app. After deploying, you should find your web app at your-custom-subdomain.parseapp.com/hello. We'll next go over this sample app in detail.

Sample Web App

Let's go over the starter web app to get an idea what Express can do for us. If you haven't created the starter app yet, you can create one using these instructions.

The top-level entry point for an Express app is app.js, where the app is initialized, and the request paths are hooked up to corresponding logic through the Express routing API. You must require this file from main.js because Cloud Code starts at main.js when it loads your JavaScript. We recommend that you put your Cloud Functions in main.js, and put all Express-related code in app.js.

In your sample app, app.js should look like this:

// These two lines are required to initialize Express.
var express = require('express');
var app = express();

// Global app configuration section
app.set('views', 'cloud/views');  // Specify the folder to find templates
app.set('view engine', 'ejs');    // Set the template engine
app.use(express.bodyParser());    // Middleware for reading request body

// This is an example of hooking up a request handler with a specific request
// path and HTTP verb using the Express routing API.
app.get('/hello', function(req, res) {
  res.render('hello', { message: 'Congrats, you just set up your app!' });
});

// This line is required to make Express respond to http requests.
app.listen();

In the global app configuration section at the top, we specify some app settings and initialize the Express middleware. App settings include specifying a templating engine for rendering your web pages, and where to find your template source files. Express middleware are optional components that preprocess the incoming request. The middleware specified in this section apply to all request paths.

The sample app also has a cloud/views folder, containing an EJS template file (hello.ejs). In this template, the message variable will be replaced by the value specified in the res.render() line in app.js.

Handling Requests

Let's look at a simple request handler that reads the request text, and responds with a message including the request text.

app.post('/echo', function(req, res) {
  res.set('Content-Type', 'text/plain');
  res.send('echoing: ' + req.body.message);
});

Every request handler starts with app.VERB, where the VERB could be any of the standard HTTP verbs, such as get, post, put, or delete. This tells Express what type of HTTP request this handler should respond to.

Next, the '/echo' parameter specifies what url path (also known as route) that this request handler should respond to. Then, we specify a function that takes in a request and response object to perform the request handling logic. As long as we include the express.bodyParser middleware, the req.body should be populated with input data. For example, if the raw request body is { "message": "hi" }, then req.body.message above will have the value 'hi'. Finally, the res.send() tells Express to populate the response object with the specified string.

Express Middleware

Middleware are modules that process the request before it reaches your request handler. These components convert a raw HTTP request into a request object that you can easily work with in your request handler. Cloud Code supports the following Express-provided middleware:

In addition, we've provided the following custom middleware:

You can add middleware to your app with app.use(). The standard Express middleware are functions, so make sure you call them accordingly (e.g. app.use(express.csrf()). You should add your app's middleware before registering any request handlers with app.VERB().

Please follow the above order when configuring Express middleware in the global app configuration section. You may leave out any middleware that you don't need. The order is important because later middleware may depend on the data created by earlier ones.

Rendering Templates

Templates are a great way to dynamically generate web content, and reduce code duplication. Cloud Code provides modules for the EJS and Jade template engines.

You specify the template engine in the global app configuration section with app.set('view engine', ENGINE_NAME), where ENGINE_NAME can be either 'ejs' or 'jade'. The template file in the cloud/views folder should have an extension matching ENGINE_NAME. The sample app's template looks like this in EJS (hello.ejs) or Jade (hello.jade):

// Using EJS syntax
<!DOCTYPE html>
<html>
  <head>
    <title>Sample App</title>
  </head>
  <body>

# Hello World

<%%= message %>

  </body>
</html>
// Using Jade syntax
doctype 5
html
  head
    title Sample App
  body
    h1 Hello World
    p= message

You can find more information about the syntax for each template engine at the homepages for EJS and Jade.

You render templates by calling res.render(). The first argument is the template file name. If it does not have a file extension, Express will look for the file with the extension matching your app's template engine setting. The second argument is a JSON object that contains all the variables in the template and their corresponding values. Each variable in the template serves as a placeholder, and is replaced by its actual value when you render the template.

Getting User Input

Getting user input is easy with Express in Cloud Code. You can create a form element in a template to allow the user to type some text, and then add a request handler for the request issued by submitting the form.

Let's add a simple form to our sample app template. Please replace hello.ejs or hello.jade with the following code:

// Using EJS syntax
<!DOCTYPE html>
<html>
  <head>
    <title>Sample App</title>
  </head>
  <body>

# Hello World

    <p><%%= message %>

    <form method="post" action="/hello">

        <input name="message"></input>
        <input class="button" type="submit" value="Update Greeting">

    </form>
  </body>
</html>
// Using Jade syntax
doctype 5
html
  head
    title Sample App
  body
    h1 Hello World
    p= message
    form(method="post", action="/hello")
      p
        input(type="text", name="message")
        input(type="submit", name="submit", value="Update Greeting")

Then, we need to add a request handler for the HTTP post request in app.js.

app.post('/hello', function(req, res) {
  res.render('hello', { message: req.body.message });
});

Suppose the user types "hi" into the text box, and then clicks the "Update Greeting" button. The form will send an HTTP post request to the url http://example.parseapp.com/hello, with the request body message=hi. The express.bodyParser middleware will read the request body and set req.body.message to 'hi'. The request then triggers the above request handler because the HTTP verb and url path both match. Finally, the request handler renders the hello.ejs template by inserting 'hi' into the placeholder for the message variable.

User Session Management

You can add Parse.User authentication and session management to your Express app using the parseExpressCookieSession middleware. You just need to call Parse.User.logIn() in Cloud Code, and this middleware will automatically manage the user session for you.

You can use a web form to ask for the user's login credentials, and log in the user in Cloud Code when you receive data from this form. After you call Parse.User.logIn(), this middleware will automatically set a cookie in the user's browser. During subsequent HTTP requests from the same browser, this middleware will use this cookie to automatically set the current user in Cloud Code. This will make ACLs work properly in Cloud Code, and allow you to retrieve the entire current user object if needed. Finally, when you log out a user in Cloud Code by calling Parse.User.logOut(), this middleware will automatically remove the browser cookie. For sample app code, please see the documentation for this middleware.

When you work with user data, you should use HTTPS whenever possible. To protect your app and your users, the parseExpressCookieSession middleware requires you to use HTTPS. For your convenience, we also provide a parseExpressHttpsRedirect middleware for redirecting all HTTP requests to HTTPS. Please see its documentation for details.

Static Content

Your Express app can sit side-by-side with any static content you deployed from your public folder. When a request goes to a URL of your subdomain, Parse will first look for a matching file in the public directory. If there is no match, then Parse will invoke any Express request handlers that you have registered in Cloud Code. If there is still no match, Parse will render a "404 Not Found" page.

If you are using Express with static content, we recommend the following directory structure for your project.

-cloud/
  main.js            Cloud Code functions, require cloud/app.js here
  app.js             Express app configuration and request handling logic
  -views/            View template files that Express needs to render
    hello.ejs
-public/
  example.html       Static HTML files
  favicon.ico        Your favicon logo
  -stylesheets/      CSS stylesheets
    style.css

Logging

If you want to log a message to the log files displayed by parse log, you can use console.log, console.error, or console.warn. Both console.error and console.warn will write to the error log.

app.post('/hello', function(req, res) {
  console.log("New message: " + req.body.message);
  res.render('hello', { message: req.body.message });
});

Development vs Production

You can use your development app to try out new code, and the production app to run your app that you distribute to the public.

Adding a New App to a Project

You will need to have multiple apps linked to your project. parse new will link the first app to the project. You can add more apps by running parse add [alias], like so:

$ parse add production
Email: pirate@gmail.com
Password:
1:PiecesOfEightCounterProd
2:PiecesOfEightCounterDev
Select an App: 1

The example above links the PiecesOfEightCounterProd app to your project. It also creates an alias to new app called production that provides a shorthand way to reference the app.

Developing your Website

While developing new code, you can use the develop command to have the Parse command line tool continuously check for updates to your project and upload your changes. The command looks like:

$ parse develop development
E2013-11-21T01:05:56.257Z] Deploy failed with error:Error: Uncaught SyntaxError: Unexpected token ; in app.js:30
    at main.js:1:1
I2013-11-21T01:06:21.504Z] Deployed v172 with triggers:
  Cloud Functions:
    hello

Note that for the develop command you need to be explicit about the app that you are going to push new changes to. This avoids accidentally running develop on your production app, potentially deploying untested code to it. The command line tool will upload code changes and display new log messages, until you hit Ctrl-C.

Deploying Code to Production

After you are done testing and updating your code, you can deploy the code to production by passing the production app to the the deploy command, like so:

$ parse deploy production
New release is named v2
Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Cloud Code Modules

Cloud Modules are the easiest way to integrate your Parse app with third-party services and libraries. Read on to learn how to add amazing features to your Parse app, from text messaging to email.

Cloud Modules work just like the JavaScript modules you can create yourself but they are readily available to everyone. You just add require('cloudModuleName') to your Cloud Code and you are ready to go! This guide will help you get started with the current set of available Cloud Modules. But, if you don't see the service you're interested in, fill out the feedback form above to let us know! You can also take a look at the our tutorial on how to create your own modules to integrate with your favorite APIs.

App Links

We provide Express middleware for generation of App Link metadata, which allows other apps to deep link into your app based on content on your website. You can check out the full documentation of App Links here. To use App Links, you require both express and applinks-metatag modules and create an Express app.

var Express = require('express');
var AppLinks = require('applinks-metatag');
var app = Express();

The middleware accepts an array of JavaScript objects that must contain a platform name (e.g. "ios", "iphone", "android", or "windows_phone") and a set of fields relevant to the platform as specified on the App Links official website. You can also provide a function that will generate the same metadata based upon the request, so that you can provide different app links data for each page.

app.use(AppLinks([{
  platform: "ios",
  url: "anypic://",
  app_name: "AnyPic"
}, {
  platform: "android",
  url: "anypic://",
  package: "com.parse.anypic"
}]));

The code snippet above will inject the following code into the content of your page's head tag:

<meta property="al:ios">
<meta property="al:ios:url" content="anypic://">
<meta property="al:ios:app_name" content="AnyPic">
<meta property="al:android">
<meta property="al:android:url" content="anypic://">
<meta property="al:android:package" content="com.parse.anypic">

You can also inject the App Links metadata into individual pages:

app.use(AppLinks([{
  platform: "ios",
  url: "anypic://",
  app_name: "AnyPic"
}, {
  platform: "android",
  url: "anypic://",
  package: "com.parse.anypic"
}]));

app.get('/home', AppLinks({
  platform: "ipad",
  url: "anypic2://",
  app_name: "AnyPic for iPad"
}), yourRenderFunction);

This will include the global iOS and Android metadata, but will also add iPad App Link metadata when rendering /home:

<meta property="al:ipad">
<meta property="al:ipad:url" content="anypic2://">
<meta property="al:ipad:app_name" content="AnyPic for iPad">
<meta property="al:ios">
<meta property="al:ios:url" content="anypic://">
<meta property="al:ios:app_name" content="AnyPic">
<meta property="al:android">
<meta property="al:android:url" content="anypic://">
<meta property="al:android:package" content="com.parse.anypic">

You can also generate App Link metadata based on request parameters by supplying a function:

app.get('/image/:imageId', AppLinks(function(req, res) {
  return {
    platform: "ipad",
    url: "anypic://image/" + req.params.imageId,
    app_name: "AnyPic for iPad"
  };
}), yourRenderFunction);

This will inject the following code when rendering /image/parsaritas:

<meta property="al:ipad">
<meta property="al:ipad:url" content="anypic://image/parsaritas">
<meta property="al:ipad:app_name" content="AnyPic for iPad">

Mailgun

Mailgun is a set of powerful APIs that allow you to send, receive, track and store email effortlessly. You can check out their service at www.mailgun.com. To use this Cloud Module, you will need to head over to the Mailgun website and create an account.

The current version of the Mailgun Cloud Module supports sending emails. To use it in your Cloud Code functions, start by requiring the module and initializing it with your credentials.

var Mailgun = require('mailgun');
Mailgun.initialize('myDomainName', 'myAPIKey');

You can then use the sendEmail function to fire off some emails. This function takes two parameters. The first is a hash with the Mailgun parameters you want to include in the request. The typical ones are from, to, subject and text, but you can find the full list on their documentation page. The second parameter to this function is an object with a success and an error field containing two callback functions.

Mailgun.sendEmail({
  to: "email@example.com",
  from: "Mailgun@CloudCode.com",
  subject: "Hello from Cloud Code!",
  text: "Using Parse and Mailgun is great!"
}, {
  success: function(httpResponse) {
    console.log(httpResponse);
    response.success("Email sent!");
  },
  error: function(httpResponse) {
    console.error(httpResponse);
    response.error("Uh oh, something went wrong");
  }
});

For additional information about the Mailgun Cloud Module, take a look at the API Reference.

Mandrill

Mandrill provides a great platform for sending transactional email. It runs on the delivery infrastructure that powers MailChimp. You can check out their service on their website. To use this Cloud Module, you will need to head over to the Mandrill website and create an account.

The current version of the Mandrill Cloud Module supports sending emails. To use it in your Cloud Code functions, start by requiring the module and initializing it with your credentials.

var Mandrill = require('mandrill');
Mandrill.initialize('myAPIKey');

You can then use the sendEmail function to fire off some emails. This function takes two parameters. The first is a hash with the Mandrill parameters you want to include in the request. A full list is available on their documentation page, but here is an example of the common ones. The message object is required with every request and contains the email's data such as the text, the subject and an array of recipients. Optionally, the async boolean value can be provided to ensure the request returns once the email is queued instead of waiting until it is sent. If you are sending an email to multiple recipients, you should set async to true to ensure your cloud function does not timeout. The second parameter to this function is an object with a success and an error field containing two callback functions for the request.

Mandrill.sendEmail({
  message: {
    text: "Hello World!",
    subject: "Using Cloud Code and Mandrill is great!",
    from_email: "parse@cloudcode.com",
    from_name: "Cloud Code",
    to: [
      {
        email: "you@parse.com",
        name: "Your Name"
      }
    ]
  },
  async: true
},{
  success: function(httpResponse) {
    console.log(httpResponse);
    response.success("Email sent!");
  },
  error: function(httpResponse) {
    console.error(httpResponse);
    response.error("Uh oh, something went wrong");
  }
});

For additional information about the Mandrill Cloud Module, take a look at the API Reference.

Moment

Moment.js is a small JavaScript date library for parsing, validating, manipulating, and formatting dates. You can learn more about Moment on their website. To use it, you simply need to require it.

var moment = require('moment');

For additional information about the Moment.js Cloud Module, take a look at their API reference.

Note that the version of Moment.js that Parse offers is 1.7.2. If you require a newer version, download moment.js to your cloud/ folder and require it like this:

var moment = require('cloud/moment');

Parse Image

Images are the most common kind of Parse.File. The parse-image module provides an Image class that makes working with images in Cloud Code easier.

Reading Images from Files

To get started, create an Image using a Buffer with image file data. Usually, this data comes from a Parse.File. To read in the data from a file and create the image object, you can use our networking functions.

var Image = require("parse-image");

Parse.Cloud.httpRequest({
  url: object.get("profilePhoto").url(),
  success: function(response) {
    // The file contents are in response.buffer.
    var image = new Image();
    return image.setData(response.buffer, {
      success: function() {
        console.log("Image is " + image.width() + "x" + image.height() + ".");
      },
      error: function(error) {
        // The image data was invalid.
      }
    })
  },
  error: function(error) {
    // The networking request failed.
  }
});

Cropping Images

To extract a particular rectangle of an image, use the crop method. This lets you specify the area of the image you want to keep.

// Crop the image to the rectangle from (10, 10) to (30, 20).
image.crop({
  left: 10,
  top: 10,
  right: 30,
  bottom: 20,
  success: function(image) {
    // The image was cropped.
  },
  error: function(error) {
    // The image could not be cropped.
  }
});

Alternatively, you can supply a width and height instead of right and bottom.

// Crop the image to the rectangle from (10, 10) to (30, 20).
image.crop({
  left: 10,
  top: 10,
  width: 20,
  height: 10,
  success: function(image) {
    // The image was cropped.
  },
  error: function(error) {
    // The image could not be cropped.
  }
});

Scaling Images

You can also resize an image, scaling the graphic using interpolation. Images can be made either smaller or larger. Just specify the new width and height. If you leave either off, it will assume the current image size.

// Resize the image to 64x64.
image.scale({
  width: 64,
  height: 64,
  success: function(image) {
    // The image was scaled.
  },
  error: function(error) {
    // The image could not be scaled.
  }
});

Sometimes it's more convenient to specify a ratio to resize to, instead of absolute dimensions.

// Resize the image to 25% of its original size.
image.scale({
  ratio: 0.25,
  success: function(image) {
    // The image was scaled.
  },
  error: function(error) {
    // The image could not be scaled.
  }
});

Changing Image Formats

You can even change the file format of an image file. For example, you may want to convert a file to a JPEG to reduce file size and bandwidth usage.

// Change the image to be a JPEG.
image.setFormat("JPEG", {
  success: function(image) {
    // The image was changed to a JPEG.
  },
  error: function(error) {
    // The image could not be reformatted.
  }
});

Image Thumbnail Example

Every Image method returns a Parse.Promise in addition to having callbacks. This makes it easy to chain together multiple operations. Consider the common case where a user supplies an image to use for their profile. It's nice to be able to automatically generate a thumbnail of that photo to use in some of your UI. This can be done using a beforeSave handler.

var Image = require("parse-image");

Parse.Cloud.beforeSave("_User", function(request, response) {
  var user = request.object;
  if (!user.get("profilePhoto")) {
    response.error("Users must have a profile photo.");
    return;
  }

  if (!user.dirty("profilePhoto")) {
    // The profile photo isn't being modified.
    response.success();
    return;
  }

  Parse.Cloud.httpRequest({
    url: user.get("profilePhoto").url()

  }).then(function(response) {
    var image = new Image();
    return image.setData(response.buffer);

  }).then(function(image) {
    // Crop the image to the smaller of width or height.
    var size = Math.min(image.width(), image.height());
    return image.crop({
      left: (image.width() - size) / 2,
      top: (image.height() - size) / 2,
      width: size,
      height: size
    });

  }).then(function(image) {
    // Resize the image to 64x64.
    return image.scale({
      width: 64,
      height: 64
    });

  }).then(function(image) {
    // Make sure it's a JPEG to save disk space and bandwidth.
    return image.setFormat("JPEG");

  }).then(function(image) {
    // Get the image data in a Buffer.
    return image.data();

  }).then(function(buffer) {
    // Save the image into a new file.
    var base64 = buffer.toString("base64");
    var cropped = new Parse.File("thumbnail.jpg", { base64: base64 });
    return cropped.save();

  }).then(function(cropped) {
    // Attach the image file to the original object.
    user.set("profilePhotoThumbnail", cropped);

  }).then(function(result) {
    response.success();
  }, function(error) {
    response.error(error);
  });
});

SendGrid

SendGrid is a cloud-based email service that delivers email on behalf of companies to increase deliverability and improve customer communications. If you do not already have a SendGrid account, you can do so (here)[http://www.sendgrid.com].

SendGrid provides reliable delivery, scalability and real-time analytics along with flexible APIs that make custom integration simple. Access advanced metrics and reporting with our powerful APIs to customize, measure and automate your email program.

Sending Email

The SendGrid module allows you to send attachments to multiple recipients and all the features of the SMTPAPI Header. For a more comprehensive documentation and examples, please visit the official repository for this library.

var sendgrid = require("sendgrid");

sendgrid.initialize("sendgrid_username", "sendgrid_password");
SendGrid.sendEmail({
  to: ["email@example.com (mailto:email@example.com)", "email+1@example.com"],
  from: "SendGrid@CloudCode.com (mailto:SendGrid@CloudCode.com)",
  subject: "Hello from Cloud Code!",
  text: "Using Parse and SendGrid is great!",
  replyto: "reply@example.com (mailto:reply@example.com)"
}).then(function(httpResponse) {
  console.log(httpResponse);
  response.success("Email sent!");
},function(httpResponse) {
  console.error(httpResponse);
  response.error("Uh oh, something went wrong");
});

Email Webhooks

SendGrid offers two webhooks, one for events and another for incoming email. Here are some cool things you can do with these webhooks.

With the Event Webhook, SendGrid allows you to monitor all stats with your SendGrid account in real-time and drill down to individual recipients to see who is opening and clicking your important messages. The Event Webhook will notify a URL of your choice via HTTP POST with information about these events as SendGrid processes your email. Common uses of this data are to remove unsubscribes, react to spam reports, determine unengaged recipients, identify bounced email addresses or create advanced analytics of your email program.

Enabling the SendGrid Event Webhook requires simply adding the endpoint in your Parse app to your settings:

The SendGrid Parse Webhook allows you to manage inbound email with as a smarter alternative to no-reply addresses. SendGrid can parse the attachments and contents of incoming emails enabling users to post content to an app (blog entries, photo uploads, etc.) via email. The SendGrid Parse API will POST the parsed email to a URL that you specify.

You can enable the SendGrid Parse Webhook by adding the following settings to your account:

Stripe

Stripe provides a very easy-to-use API for processing credit cards on the web or in your mobile app. You can take a look at their service at www.stripe.com. To use this Cloud Module, you will need to head over to the Stripe website and create an account. The current version of the Stripe Cloud Module supports the majority of their REST API.

To use this module in your Cloud Code functions, start by requiring and initializing it with your credentials.

var Stripe = require('stripe');
Stripe.initialize('mySecretKey');

Charging a Credit Card

Charging a credit card using Stripe and Parse will usually follow this flow.

  1. Getting a Credit Card Token

The first step to charging a credit card is to generate a token using the Stripe API. You should do this from your mobile or web client using your "publishable key". This will ensure that only Stripe manipulates the sensitive credit card information. If you are using iOS, you can use the Stripe iOS SDK, otherwise take a look at the Creating a Token section of their REST API documentation.

  1. Calling your Cloud Code Function

After successfully creating a token, you can send the card token to a Cloud Code function. For more on creating and calling Parse Cloud Functions from the client SDKs or REST API, take a look at the Cloud Code Guide.

  1. Charging the Credit Card

From a Cloud Code function, you can then use the Stripe Cloud Module to charge the credit card token. Using the Stripe.Charges.create function you can specify the amount, currency, and card token to use for the purchase. The full list of available parameters can be found in Stripe's API documentation, but the following example demonstrates the basic use case.

Stripe.Charges.create({
  amount: 100 * 10, // $10 expressed in cents
  currency: "usd",
  card: "tok_3TnIVhEv9P24T0" // the token id should be sent from the client
},{
  success: function(httpResponse) {
    response.success("Purchase made!");
  },
  error: function(httpResponse) {
    response.error("Uh oh, something went wrong");
  }
});

Available Functionality

There are many more functions available from the Stripe Cloud Module. Please consult the Stripe Cloud Module API reference for the full list of available functions and consult Stripe's own REST documentation for more information on how their platform works.

Twilio

Parse provides the full functionality of the Twilio-node module including SMS, Voice, and Twiml features. Please refer to the documentation here: Twilio-node module documentation. You do not need to install the module, as it is already installed and hosted on Parse.

Usage Example

// Require and initialize the Twilio module with your credentials
var client = require('twilio')('ACCOUNT_SID', 'AUTH_TOKEN');

// Send an SMS message
client.sendSms({
    to:'+16515556677', 
    from: '+14506667788', 
    body: 'Hello world!' 
  }, function(err, responseData) { 
    if (err) {
      console.log(err);
    } else { 
      console.log(responseData.from); 
      console.log(responseData.body);
    }
  }
);

Inbound Requests

With Express in Cloud Code, you can define routes to handle incoming requests. The following is an example Custom Webhook that receives requests from Twilio.

var express = require('express');
var app = express();

// Global app configuration section
app.use(express.bodyParser());  // Populate req.body

app.post('/receiveSMS',
         function(req, res) {

  console.log("Received a new text: " + req.body.From);
  res.send('Success');
});

app.listen();

After creating the route and deploying, configure the URL with Twilio and your webhook will begin handling requests from Twilio. You will have access to all of the request data through req.body in your Custom Webhook. The full list of available data can be found in the Twilio documentation.

For additional information about the Twilio Cloud Module, take a look at the twilio-node Reference.

Underscore

Underscore.js is a utility-belt library for JavaScript that provides a lot of the functional programming support. You can learn more about Underscore on their website. The Parse SDK uses this library internally but it is also available in Cloud Code using the underscore Cloud Module. To use it, you simply need to require it.

var _ = require('underscore');

For additional information about the Underscore.js Cloud Module, take a look at their API reference

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Command Line Tool

The Parse command line tool allows you to interact with your Cloud Code from your terminal. Some of the topics here is also covered in the Cloud Code guide, but they are repeated here for clarity.

Installation

Mac and Linux

In Mac OS and Linux/Unix environments, you can get the parse tool by running this command:

curl -s https://www.parse.com/downloads/cloud_code/installer.sh | sudo /bin/bash

This installs a tool named "parse" to /usr/local/bin/parse. There's no other junk, so to uninstall, just delete that file. This will also update your command line tool if you already have it installed.

Windows

The Parse command line tool for Windows is available here.

Updating

You can update the command line tool using parse update. It will automatically update your Parse command line tool to the latest version.

$ parse update
Fetching latest version ...
####################################################################### 100%
Installing ...

Setting Up Your App

The next step is to create a directory to store the code that you will run in the cloud. The command parse new sets up this directory, and will prompt you to pick which app you are creating Cloud Code for:

$ parse new MyCloudCode
Email: ninja@gmail.com
Password:
1:MyApp
Select an App: 1
$ cd MyCloudCode

Use the email address and password for your Parse account to log in. If you signed up via OAuth and never set a password, you should now set one by editing your account settings. This will create a directory called MyCloudCode in the current directory. Several files are automatically created for you:

-config/
  global.json
-cloud/
  main.js
-public/
  index.html

The config directory contains a JSON configuration file that you shouldn't normally need to deal with, the cloud directory stores your Cloud Code, and the public directory stores any static content that you want to host on Parse. In the cloud directory, you'll typically just be editing main.js, which stores all of your Cloud Code functions. For now, just check that these files were created successfully. If you're using source control, you can check all of these files in.

We recommend using source control to check in all of these files. If you're not already set up with source control, try this tutorial from GitHub. Keep in mind that these files will contain keys you want to keep private.

The same code can be deployed to multiple different applications. This is useful so that you can have separate "development" and "production" applications. Then you test the code on a development application before launching it in production.

The first application that is added (by the new command) will be the default application for all command line operations. All commands except for new take an optional application that the command will be performed on.

Deploying

To deploy a new release, run parse deploy from the command line:

$ parse deploy
New release is named v1

This pushes the new code (in cloud/main.js) to the Parse Cloud and deploys this code for the default target which is the first app that was added or the one you set using parse default. You can choose to deploy to a different target by adding the target as an argument to deploy like so:

$ parse deploy "My Other App"
New release is named v2

You can add release notes to the deploy with the -d or --description= option

When embedding parse deploy within other scripts (such as in an automated testing/deploy environment) you can rely on the exit code from the Parse command line tool to indicate whether the command succeded. It will have an exit code of 0 on success and a non-zero exit code when the deploy failed.

Developing Cloud Code

You can also run the Parse command line tool in development mode using the develop command. This will make the tool watch the source directory for any updates and deploy them to Parse, as well as providing a live stream of the logs.

$ parse develop development
E2013-03-19:20:17:01.423Z] beforeSave handler in release 'v1' ran for GameScore with the input:
  {"original": null, "update":{"score": 1337}}
 and failed validation with Each GamesScore must have a playerName
New release is named v58
I2013-03-19T20:17:10.343Z] Deployed v58 with triggers:
  GameScore:
    before_save

Unlike the other commands, for develop you must specify the Parse App to push updates to. This is to avoid accidentally running develop on your production app causing you to run untested code in your production app.

Adding a New Target

You can add a new parse application as a target by running the add command. This prompts you for your Parse.com email and password and provides you a list of applications to choose from:

$ parse add
Email: pirate@gmail.com
Password:
1:PiecesOfEightCounter
2:BootyDivider
Select an App: 1

The add command takes an optional argument which is an alias to assign to the application that can be used instead of the app name.

Typically, all of this configuration data gets stored in the global.json. However, you might have an app that you use for development that you do not want to share with the rest of your team. You can use the --local flag to add this configuration instead to a separate local.json file. This way, you can check global.json into source control, while keeping local.json just on your own machine.

Setting the Default App

parse deploy, parse log, parse rollback, and parse releases use the default app to be run against the commands. parse default allows you to change this default app.

$ parse default MyApp
Default app set to MyApp.
$ parse default
Current default app is MyApp

Rolling Back

You can roll back a release using parse rollback. Just like with parse deploy, you can specify an optional target argument.

$ parse rollback
Rolled back to v1

This rolls back to the previous version of the code. You can also specify the release name to roll back to by using the -r or --release= option.

Reading the Logs

Every deploy, rollback, and activation of Cloud Code is logged. You can retrieve the end of logs using the parse log command. There are two types of logs:

The log command takes an optional target as well as two options:

$ parse log -n 1
I2012-07-10:13:37:00] beforeSave handler in release 'v1' ran for GameScore with the input:
  {"original": null, "update":{"score": 1337}}
 and failed validation with Each GamesScore must have a playerName

Listing Releases

You can list the known set of releases on the Parse Cloud with the releases command. Parse only tracks the last 10 releases.

$ parse releases
Name                            Description                     Date
v14                             Add background job              2015-03-11T18:17:52Z
v15                             No release notes given          2015-03-11T18:45:32Z
v16                             Moved to webhooks               2015-03-16T21:32:02Z
...

Setting the SDK version

The default Parse JavaScript SDK version that is used for the Cloud Code in this directory is the latest version at the time the new command was run for this directory. If you want to change this use parse jssdk. You can see all available Parse JavaScript SDKs using parse jssdk -a. You can also use parse jssdk to check which Parse JavaScript SDK version is currently being used.

$ parse jssdk
Current JavaScript SDK version is 1.2.13
$ parse jssdk -a
  1.2.18
  1.2.17
  1.2.16
  1.2.15
  1.2.14
* 1.2.13
  1.2.12
  1.2.11
$ parse jssdk 1.2.18
Current JavaScript SDK version is 1.2.18
$ parse jssdk -a
* 1.2.18
  1.2.17
  1.2.16
  1.2.15
  1.2.14
  1.2.13
  1.2.12
  1.2.11
Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Performance

As your app scales, you will want to ensure that it performs well under increased load and usage. There are parts of optimizing performance that Parse takes care of but there are some things you can do. This document provides guidelines on how you can optimize your app's performance. While you can use Parse for quick prototyping and not worry about performance, you will want to keep our performance guidelines in mind when you're initially designing your app. We strongly advise that you make sure you've followed all suggestions before releasing your app.

Parse provides services out of the box to help your app scale auto-magically. On top of our MongoDB datastore, we have built an API layer that seamlessly integrates with our client-side SDKs. Our cloud infrastructure uses online learning algorithms to automatically rewrite inefficient queries and generate database indexes based on your app’s realtime query stream.

In addition to what Parse provides, you can improve your app's performance by looking at the following:

Keep in mind that not all suggestions may apply to your app. Let's look into each one of these in more detail.

Write Efficient Queries

Parse objects are stored in a database. A Parse query retrieves objects that you are interested in based on conditions you apply to the query. To avoid looking through all the data present in a particular Parse class for every query, the database can use an index. An index is a sorted list of items matching a given criteria. Indexes help because they allow the database to do an efficient search and return matching results without looking at all of the data. Indexes are typically smaller in size and available in memory, resulting in faster lookups.

Smart Indexing

The key to writing efficient queries is understanding our indexing strategy. If your data is not indexed, every query will have to go through the the entire data for a class to return a query result. On the other hand, if your data is indexed appropriately, the number of documents scanned to return a correct query result should be low.

One of the advantages to using Parse if that you don't have to worry about managing your own database and maintaining indexes. We've built an abstraction to manage all that complexity. However, you do have to organize your data model and use performant queries to take advantage of this. To better understand how to go about doing this, you need to understand how our systems are operating behind the abstraction. The key strategy you will want to understand here is our use of smart indexing.

Smart indexing means that we algorithmically generate indexes for the apps that we host. The sheer number of apps hosted on Parse means that we cannot manually generate indexes for each app. This would not scale well as developers can change their schemas or query patterns at any time. This is why we rely on smart indexes.

We perform two types of index creation logic. The first generates simple (single field) indexes for each API request, and the second does offline processing to pick good compound indexes based on real API traffic patterns. In each case the goal is to pick indexes that result in the smallest search space for the query, that is, there will be less data to scan to find results.

The simple indexing strategy looks at every API request and attempts to pick good indexes based on the following:

The order of a query constraint's usefulness is:

Take a look at the following query to retrieve GameScore objects:

var GameScore = Parse.Object.extend("GameScore");
var query = new Parse.Query(GameScore);
query.equalTo("score", 50);
query.containedIn("playerName",
    ["Jonathan Walsh", "Dario Wunsch", "Shawn Simon"]);
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

Creating an index query based on the score field would yield a smaller search space in general than creating one on the playerName field.

When examining data types, booleans have a very low entropy and and do not make good indexes. Take the following query constraint:

query.equalTo("cheatMode", false);
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

The two possible values for cheatMode are true and false. If an index was added on this field it would be of little use because it's likely that 50% of the records will have to be looked at to return query results.

We also throw out relations and join tables, since no values are stored for these keys. We heavily promote GeoPoints since MongoDB won’t run a geo query without a geo index. Other data types are ranked by their expected entropy of the value space for the key:

We score each query according to the above metrics, and make sure we create a unique index on the three top-scoring fields for each query. For a compound query that consists of an OR of subqueries, we compute the top three indexes for each subquery.

Even the best indexing strategy can be defeated by suboptimal queries. You will need to design queries that work hand in hand with smart indexing to deliver performant apps.

Efficient Query Design

Writing efficient queries means taking full advantage of indexes. Let's take a look at some query constraints that negate the use of indexes:

Additionally, the following queries under certain scenarios may result in slow query responses if they can't take advantage of indexes:

Not Equal To

For example, let's say you're tracking high scores for a game in a GameScore class. Now say you want to retrieve the scores for all players except a certain one. You could create this query:

var GameScore = Parse.Object.extend("GameScore");
var query = new Parse.Query(GameScore);
query.notEqualTo("playerName", "Michael Yabuti");
query.find().then(function(results) {
  // Retrieved scores successfully
});
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

This query can't take advantage of indexes. The database has to look at all the objects in the GameScore class to satisfy the constraint and retrieve the results. As the number of entries in the class grows, the query takes longer to run.

Luckily, most of the time a “Not Equal To” query condition can be rewritten as a “Contained In” condition. Instead of querying for the absence of values, you ask for values which match the rest of the column values. Doing this allows the database to use an index and your queries will be faster.

For example if the User class has a column called state which has values “SignedUp”, “Verified”, and “Invited”, the slow way to find all users who have used the app at least once would be to run the query:

var query = new Parse.Query(Parse.User);
query.notEqualTo("state", "Invited");
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

It would be faster to use the “Contained In” condition when setting up the query:

query.containedIn("state", ["SignedUp", "Verified"]);
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

Sometimes, you may have to completely rewrite your query. Going back to the GameScore example, let's say we were running that query to display players who had scored higher than the given player. We could do this differently, by first getting the given player's high score and then using the following query:

var GameScore = Parse.Object.extend("GameScore");
var query = new Parse.Query(GameScore);
// Previously retrieved highScore for Michael Yabuti
query.greaterThan("score", highScore);
query.find().then(function(results) {
  // Retrieved scores successfully
});
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

The new query you use depends on your use case. This may sometimes mean a redesign of your data model.

Not Contained In

Similar to “Not Equal To”, the “Not Contained In” query constraint can't use an index. You should try and use the complementary “Contained In” constraint. Building on the User example, if the state column had one more value, “Blocked”, to represent blocked users, a slow query to find active users would be:

var query = new Parse.Query(Parse.User);
query.notContainedIn("state", ["Invited", "Blocked"];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

Using a complimentary “Contained In” query constraint will always be faster:

query.containedIn("state", ["SignedUp", "Verified"]);
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

This means rewriting your queries accordingly. Your query rewrites will depend on your schema set up. It may mean redoing that schema.

Regular Expressions

Most regular expression queries in Parse have been deprecated due to performance considerations. MongoDB is not efficient for doing partial string matching except for the special case where you only want a prefix match. Queries that have regular expression constraints are therefore very expensive, especially for classes with over 100,000 records. Parse restricts how many such operations can be run on a particular app at any given time.

You should avoid using regular expression constraints that don't use indexes. For example, the following query looks for data with a given string in the playerName field. The string search is case insensitive:

query.matches("playerName", "Michael", “i”);
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

A similar query looks for any occurrence of the string in the field, however the search is case sensitive:

query.contains("playerName", "Michael");
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

These queries are both slow. Depending on your use case, you should switch to using the following constraint that uses an index:

query.startsWith("playerName", "Michael");
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

This looks for data that starts with the given string. This query will use the backend index, so it will be faster even for large datasets.

As a best practice, when you use regular expression constraints, you'll want to ensure that other constraints in the query reduce the result set to the order of hundreds of objects to make the query efficient. If you must use the matches()constraint for legacy reasons, then use case sensitive, anchored queries where possible, for example:

query.matches("playerName", "^Michael");
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

Most of the use cases around using regular expressions involve implementing search. A more performant way of implementing search is detailed later.

Write Restrictive Queries

Writing restrictive queries allows you to return only the data that the client needs. This is critical in a mobile environment were data usage can be limited and network connectivity unreliable. You also want your mobile app to appear responsive and this is directly affected by the objects you send back to the client. The Querying Guide shows the types of constraints you can add to your existing queries to limit the data returned. When adding constraints, you want to pay attention and design efficient queries.

You can limit the number of query results returned. The limit is 100 by default but anything from 1 to 1000 is a valid limit:

query.limit(10); // limit to at most 10 results
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

If you're issuing queries on GeoPoints, make sure you specify a reasonable radius:

var query = new Parse.Query(PlaceObject);
query.withinMiles("location", userGeoPoint, 10.0);
query.find().then(function(placesObjects) {
  // Get a list of objects within 10 miles of a user's location
});
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

You can further limit the fields returned by calling select:

var GameScore = Parse.Object.extend("GameScore");
var query = new Parse.Query(GameScore);
query.select("score", "playerName");
query.find().then(function(results) {
  // each of results will only have the selected fields available.
});
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

Client-side Caching

For queries run from iOS and Android, you can turn on query caching. See the iOS and Android guides for more details. Caching queries will increase your mobile app's performance especially in cases where you want to display cached data while fetching the latest data from Parse.

Use Cloud Code

Cloud Code allows you to run custom JavaScript logic on Parse instead of on the client.

You can use this to off load processing to the Parse servers thus increasing your app's perceived performance. You can create hooks that run whenever an object is saved or deleted. This is useful if you want to validate or sanitize your data. You can also use Cloud Code to modify related objects or kick off other processes such as sending off a push notification. There are time limits to how long Cloud Code can run, for example an afterSave hook only has 3 seconds to run. You can use Background Jobs if you need to run more time consuming processes such as data migrations.

We saw examples of limiting the data returned by writing restrictive queries. You can also use Cloud Functions to help limit the amount of data returned to your app. In the following example, we use a Cloud Function to get a movie's average rating:

Parse.Cloud.define("averageStars", function(request, response) {
  var Review = Parse.Object.extend("Review");
  var query = new Parse.Query(Review);
  query.equalTo("movie", request.params.movie);
  query.find().then(function(results) {
    var sum = 0;
    for (var i = 0; i < results.length; ++i) {
      sum += results[i].get("stars");
    }
    response.success(sum / results.length);
  }, function(error) {
    response.error("movie lookup failed");
  });
});
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

You could have ran a query on the Review class on the client, returned only the stars field data and computed the result on the client. As the number of reviews for a movie increases you can see that the data being returned to the device using this methodology also increases. Implementing the functionality through a Cloud Function returns the one result if successful.

As you look at optimizing your queries, you'll find that you may have to change the queries - sometimes even after you've shipped your app to the App Store or Google Play. The ability to change your queries without a client update is possible if you use Cloud Functions. Even if you have to redesign your schema, you could make all the changes in your Cloud Functions while keeping the client interface the same to avoid an app update. Take the average ratings Cloud Function example from before, calling it from an iOS client would look like this:

[PFCloud callFunctionInBackground:@"averageStars"
                  withParameters:@{@"movie": @"The Matrix"}
                           block:^(NSNumber *ratings, NSError *error) {
  if (!error) {
    // ratings is 4.5
  }
}];
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

If later on, you need to modify the underlying data model, your client call can remain the same, as long as you return back a number that represents the ratings result.

Avoid Count Operations

For classes with over 1,000 objects, count operations are limited by timeouts. They may routinely yield timeout errors or return results that are only approximately correct. Thus, it is preferable to architect your application to avoid this count operation.

Suppose you are displaying movie information in your app and your data model consists of a Movie class and a Review class that contains a pointer to the corresponding movie. You might want to display the review count for each movie on the top-level navigation screen using a query like this:

var Review = Parse.Object.extend("Review");
var query = new Parse.Query("Review");
// movieId corresponds to a given movie's id
query.equalTo(“movie”, movieId);
query.count().then(function(count) {
  // Request succeeded
}, function(error) {
  // Request failed
});
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

If you run the count query for each of the UI elements, they will not run efficiently on large data sets. One approach to avoid using the count() operator could be to add a field to the Movie class that represents the review count for that movie. When saving an entry to the Review class you could increment the corresponding movie's review count field. This can be done in an afterSave handler:

Parse.Cloud.afterSave("Review", function(request) {
  // Get the movie id for the Review
  var movieId = request.object.get("movie").id;
  // Query the Movie represented by this review
  var Movie = Parse.Object.extend("Movie");
  var query = new Parse.Query(Movie);
  query.get(movieId).then(function(movie) {
    // Increment the reviews field on the Movie object
    movie.increment("reviews");
    movie.save();
  }, function(error) {
    throw "Got an error " + error.code + " : " + error.message;
  });
});
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

Your new optimized query would not need to look at the Review class to get the review count:

var Movie = Parse.Object.extend("Movie");
var query = new Parse.Query(Movie);
query.find().then(function(results) {
  // Results include the reviews count field
}, function(error) {
  // Request failed
});
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

You could also use a separate Parse Object to keep track of counts for each review. Whenever a review gets added or deleted, you can increment or decrement the counts in an afterSave or afterDelete Cloud Code handler. The approach you choose depends on your use case.

Implement Efficient Searches

As mentioned previously, MongoDB is not efficient for doing partial string matching. However, this is an important use case when implementing search functionality that scales well in production.

Simplistic search algorithms simply scan through all the class data and executes the query on each entry. The key to making searches run efficiently is to minimize the number of data that has to be examined when executing each query by using an index as we've outlined earlier. You’ll need to build your data model in a way that it’s easy for us to build an index for the data you want to be searchable. For example, string matching queries that don’t match an exact prefix of the string won’t be able to use an index leading to timeout errors as the data set grows.

Let's walk through an example of how you could build an efficient search. You can apply the concepts you learn in this example to your use case. Say your app has users making posts, and you want to be able to search those posts for hashtags or particular keywords. You’ll want to pre-process your posts and save the list of hashtags and words into array fields. You can do this processing either in your app before saving the posts, or you can use a Cloud Code beforeSave hook to do this on the fly:

var _ = require("underscore");
Parse.Cloud.beforeSave("Post", function(request, response) {
  var post = request.object;
  var toLowerCase = function(w) { return w.toLowerCase(); };
  var words = post.get("text").split(/\b/);
  words = _.map(words, toLowerCase);
  var stopWords = ["the", "in", "and"]
  words = _.filter(words, function(w) {
    return w.match(/^\w+$/) && !   _.contains(stopWords, w);
  });
  var hashtags = post.get("text").match(/#.+?\b/g);
  hashtags = _.map(hashtags, toLowerCase);
  post.set("words", words);
  post.set("hashtags", hashtags);
  response.success();
});

This saves your words and hashtags in array fields, which MongoDB will store with a multi-key index. There are some important things to notice about this. First of all it’s converting all words to lower case so that we can look them up with lower case queries, and get case insensitive matching. Secondly, it’s filtering out common words like ‘the’, ‘in’, and ‘and’ which will occur in a lot of posts, to additionally reduce useless scanning of the index when executing the queries.

Once you've got the keywords set up, you can efficiently look them up using “All” constraint on your query:

var Post = Parse.Object.extend("Post");
var query = new Parse.Query(Post);
query.containsAll("hashtags", [“#parse”, “#ftw”]);
query.find().then(function(results) {
  // Request succeeded
}, function(error) {
  // Request failed
});
// No Swift example.
// Want to contribute to this doc? https://github.com/ParsePlatform/Docs/issues/21

Limits and Other Considerations

There are some limits in place to ensure the API can provide the data you need in a performant manner. We may adjust these in the future. Please take a moment to read through the following list:

Objects

Files

Cloud Code

Queries

Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.

Error Codes

The following is a comprehensive list of all the error codes that can be returned by the Parse API.

Name Code Description
OtherCause -1 An unknown error or an error unrelated to Parse occurred.
InternalServerError 1 Internal server error. No information available.
ConnectionFailed 100 The connection to the Parse servers failed.
ObjectNotFound 101 The specified object doesn't exist.
InvalidQuery 102 You tried to find values matching a datatype that doesn't support exact database matching, like an array or a dictionary.
InvalidClassName 103 Missing or invalid classname. Classnames are case-sensitive. They must start with a letter, and a-zA-Z0-9_ are the only valid characters.
MissingObjectId 104 An unspecified object id.
InvalidKeyName 105 An invalid key name. Keys are case-sensitive. They must start with a letter, and a-zA-Z0-9_ are the only valid characters.
InvalidPointer 106 A malformed pointer. You should not see this unless you have been mucking about changing internal Parse code.
InvalidJSON 107 Badly formed JSON was received upstream. This either indicates you have done something unusual with modifying how things encode to JSON, or the network is failing badly.
CommandUnavailable 108 The feature you tried to access is only available internally for testing purposes.
NotInitialized 109 You must call Parse.initialize before using the Parse library. Check the Quick Start guide for your platform.
IncorrectType 111 A field was set to an inconsistent type.
InvalidChannelName 112 Invalid channel name. A channel name is either an empty string (the broadcast channel) or contains only a-zA-Z0-9_ characters and starts with a letter.
InvalidSubscriptionType 113 Bad subscription type.
InvalidDeviceToken 114 The provided device token is invalid.
PushMisconfigured 115 Push is misconfigured in your app. See error details to find out how.
ObjectTooLarge 116 The object is too large. ParseObjects have a max size of 128 kilobytes.
InvalidLimitError 117 An invalid value was set for the limit. A limit must be a non-negative integer.
InvalidSkipError 118 An invalid value was set for skip.
OperationForbidden 119 The operation isn't allowed for clients.
CacheMiss 120 The result was not found in the cache.
InvalidNestedKey 121 An invalid key was used in a nested JSONObject.
InvalidFileName 122 An invalid filename was used for %{ParseFile}. A valid file name contains only a-zA-Z0-9_. characters and is between 1 and 128 characters.
InvalidACL 123 An invalid ACL was provided.
Timeout 124 The request timed out on the server. Typically this indicates that the request is too expensive to run.
InvalidEmailAddress 125 The email address was invalid.
MissingContentType 126 Missing content type.
MissingContentLength 127 Missing content length.
InvalidContentLength 128 Invalid content length.
FileTooLarge 129 File that was too large. Files are limited to 10 MB.
FileSaveError 130 Error saving a file.
FileDeleteError 131 File could not be deleted.
InvalidInstallationIdError 132 Invalid installation id.
InvalidDeviceTypeError 133 Invalid device type.
InvalidChannelsArrayError 134 Invalid channels array value.
MissingRequiredFieldError 135 Required field is missing.
ChangedImmutableFieldError 136 An immutable field was changed.
DuplicateValue 137 Unique field was given a value that is already taken.
InvalidExpirationError 138 Invalid expiration value.
InvalidRoleName 139 Role's name is invalid.
ExceededQuota 140 An application quota was exceeded. Upgrade to resolve.
ScriptFailed 141 Cloud Code script failed. Usually points to a JavaScript error in your script.
ValidationFailed 142 Cloud Code validation failed.
ReceiptMissing 143 Product purchase receipt is missing.
InvalidPurchaseReceipt 144 Product purchase receipt is invalid.
PaymentDisabled 145 Payment is disabled on this device.
InvalidProductIdentifier 146 The product identifier is invalid.
ProductNotFoundInAppStore 147 The product is not found in the App Store.
InvalidServerResponse 148 The Apple server response is not valid.
ProductDownloadFilesystemError 149 The product fails to download due to file system error.
InvalidImageData 150 Invalid image data.
UnsavedFileError 151 An unsaved file.
InvalidPushTimeError 152 An invalid push time.
FileDeleteFailed 153 A file deletion failed.
InefficientQueryError 154 An inefficient query was rejected by the server.
RequestLimitExceeded 155 An application has exceeded its request limit. Upgrade to resolve.
MissingPushIdError 156 A push id is missing.
MissingDeviceTypeError 157 The device type field is missing.
TemporaryRejectionError 159 An application's requests are temporary rejected by the server. File a bug report for further instructions.
InvalidEventName 160 The provided event name is invalid.
UsernameMissing 200 The username is missing or empty.
PasswordMissing 201 The password is missing or empty.
UsernameTaken 202 The username has already been taken.
UserEmailTaken 203 Email has already been taken.
UserEmailMissing 204 The email is missing, and must be specified.
UserWithEmailNotFound 205 A user with the specified email was not found.
SessionMissing 206 A user object without a valid session could not be altered.
MustCreateUserThroughSignup 207 A user can only be created through signup.
AccountAlreadyLinked 208 An account being linked is already linked to another user.
InvalidSessionToken 209 The device's session token is no longer valid. The developer should ask the user to log in again.
LinkedIdMissing 250 A user cannot be linked to an account because that account's id could not be found.
InvalidLinkedSession 251 A user with a linked (e.g. Facebook or Twitter) account has an invalid session.
UnsupportedService 252 A service being linked (e.g. Facebook or Twitter) is unsupported.
InvalidAuthDataError 253 An invalid authData value was passed. It must be a Hash, not String.
AggregateError 600 There were multiple errors. Aggregate errors have an "errors" property, which is an array of error objects with more detail about each error that occurred.
XDomainRequest A real error code is unavailable because we had to use an XDomainRequest object to allow CORS requests in Internet Explorer, which strips the body from HTTP responses that have a non-2XX status code.
Unauthorized Unauthorized request. Are you missing an authentication header?
Want to contribute to this doc? Edit this section.
Was this section helpful? NO YES Thanks for your feedback, we’re always working to make our docs better.