主题
认证方式配置
结构说明
通用配置结构说明
| 字段 | 类型 | 说明 |
|---|---|---|
| reloadUser | BOOL | 刷新页面时,是否重新执行认证流程(主要用于嵌入模式下与主站的登录用户保持同步) |
| enableSyncUserAttr | BOOL | 启用用户属性同步 |
| loginNameMapping | STRING | 用户名映射 |
| userNameMapping | STRING | 显示名映射 |
| emailMapping | STRING | 邮箱映射 |
| mobileMapping | STRING | 手机号映射 |
| rolesMapping | STRING | 角色映射 |
| groupsMapping | STRING | 组映射 |
| orgsMapping | STRING | 组织架构映射 |
| tenantCodeMapping | STRING | 企业 ID 映射 |
| tenantNameMapping | STRING | 企业名称映射 |
| platformSourceId | STRING | 平台方 ID |
| enableSessionExpSync | BOOLEAN | 启用 SSO exp 会话有效期同步 |
| sessionExpSyncMapping | STRING | 会话有效期映射 |
认证方式接口说明
获取支持的认证方式列表
获取支持的认证方式列表
请求URL
http
GET /api/authentication-configs/form-items HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
无
返回对象的格式说明
| 字段 | 类型 | 说明 |
|---|---|---|
| id | STRING | 认证方式的唯一键 |
| name | STRING | 认证方式的名称 |
接口示例1: 获取支持的认证方式列表
http
GET /api/authentication-configs/form-items HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": [
{
"id": "hengshi",
"name": "HENGSHI"
},
{
"id": "ldap",
"name": "LDAP"
},
{
"id": "cas",
"name": "CAS"
},
{
"id": "saml2",
"name": "SAML2"
},
{
"id": "oauth2",
"name": "OAUTH2"
},
{
"id": "dingtalk",
"name": "钉钉"
},
{
"id": "wechat-work",
"name": "企业微信"
},
{
"id": "ctr",
"name": "CTR"
},
{
"id": "yunzhijia",
"name": "云之家"
},
{
"id": "jwt-param",
"name": "JWT 请求参数"
},
{
"id": "lark",
"name": "飞书"
},
{
"id": "qince",
"name": "勤策"
}
]
}获取默认的认证方式
获取默认的认证方式
请求URL
http
GET /api/authentication-configs/active-auth HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
无
返回对象的格式说明
| 字段 | 类型 | 说明 |
|---|---|---|
| authType | STRING | 认证方式的唯一键 |
接口示例1: 获取默认的认证方式
http
GET /api/authentication-configs/active-auth HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"authType": "ldap"
}
}编辑默认的认证方式
编辑默认的认证方式
请求URL
http
PUT /api/authentication-configs/active-auth HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
| 字段 | 类型 | 说明 |
|---|---|---|
| authType | STRING | 认证方式的唯一键 |
接口示例1: 编辑默认的认证方式
http
PUT /api/authentication-configs/active-auth HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"authType": "ldap"
}
}ldap配置
ldap配置结构说明
| 字段 | 类型 | 说明 |
|---|---|---|
| protocol | STRING | ldap 协议,ldap/ldaps |
| url | STRING | 服务器地址 |
| port | INT | 服务器端口 |
| bindUser | STRING | 用户名 |
| bindPassword | STRING | 密码 |
| searchBase | STRING | 搜索库 |
| query | STRING | LDAP 查询 |
| 其他配置 | 参考通用配置结构说明 |
获取ldap配置
请求URL
http
GET /api/authentication-configs/ldap HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
无
返回对象的格式说明
参考 ldap配置结构说明
接口示例1: 获取ldap配置
http
GET /api/authentication-configs/ldap HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"protocol": "ldaps",
"bindPassword": "test",
"port": 636,
"loginNameMapping": "uid",
"query": "(objectclass=inetOrgPerson)",
"searchBase": "cn=users,cn=accounts,dc=org",
"bindUser": "uid=gogs,cn=sysaccounts,cn=etc,dc=org",
"mobileMapping": "",
"emailMapping": "",
"url": "ldap.demo.org",
"userNameMapping": ""
}
}编辑ldap配置
编辑ldap配置
请求URL
http
PUT /api/authentication-configs/ldap HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
参考 ldap配置结构说明
接口示例1: 编辑ldap配置
http
PUT /api/authentication-configs/ldap HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
// Request Body:
{
"protocol": "ldaps",
"url": "ldap.test.org",
"port": 636,
"bindUser": "uid=gogs,cn=sysaccounts,cn=etc,dc=org",
"bindPassword": "gogs",
"searchBase": "cn=users,cn=accounts,dc=org",
"query": "(objectclass=inetOrgPerson)",
"enableSyncUserAttr": false,
"loginNameMapping": "uid",
"userNameMapping": "cn",
"emailMapping": "email",
"mobileMapping": "mobile",
"enableSessionExpSync": false
}http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"protocol": "ldaps",
"bindPassword": "test",
"port": 636,
"loginNameMapping": "uid",
"query": "(objectclass=inetOrgPerson)",
"searchBase": "cn=users,cn=accounts,dc=org",
"bindUser": "uid=gogs,cn=sysaccounts,cn=etc,dc=org",
"mobileMapping": "",
"emailMapping": "",
"url": "ldap.demo.org",
"userNameMapping": ""
}
}cas配置
cas配置结构说明
| 字段 | 类型 | 说明 |
|---|---|---|
| protocol | STRING | cas 协议,CAS10/CAS20/CAS20_PROXY/CAS30/CAS30_PROXY |
| casServer | STRING | 服务器地址 |
| 其他配置 | 不支持用户名映射, 其他参考 通用配置结构说明 |
获取cas配置
请求URL
http
GET /api/authentication-configs/cas HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
无
返回对象的格式说明
参考 cas配置结构说明
接口示例1: 获取cas配置
http
GET /api/authentication-configs/cas HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"casServer": "https://sso.test.org/auth/realms/master/protocol/cas/login",
"orgsMapping": "orgs",
"emailMapping": "email",
"userNameMapping": "username",
"sessionExpSyncMapping": "",
"protocol": "CAS30"
}
}编辑cas配置
编辑cas配置
请求URL
http
PUT /api/authentication-configs/cas HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
参考 cas配置结构说明
接口示例1: 编辑cas配置
http
PUT /api/authentication-configs/cas HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
// Request Body:
{
"protocol": "CAS30",
"casServer": "https://sso.test.org/auth/realms/master/protocol/cas/login",
"reloadUser": false,
"enableSyncUserAttr": true,
"userNameMapping": "username",
"emailMapping": "email",
"mobileMapping": "",
"rolesMapping": "roles",
"groupsMapping": "groups"
}http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"protocol": "CAS30",
"casServer": "https://sso.test.org/auth/realms/master/protocol/cas/login",
"reloadUser": false,
"enableSyncUserAttr": true,
"userNameMapping": "username",
"emailMapping": "email",
"mobileMapping": "",
"rolesMapping": "roles",
"groupsMapping": "groups"
}
}saml2配置
saml2配置结构说明
| 字段 | 类型 | 说明 |
|---|---|---|
| idpMetadataUrl | STRING | idpMetadataUrl,saml2 server 的 metadata 地址 |
| 私钥 | STRING | 与saml2 server 匹配的私钥 |
| 证书 | STRING | 与saml2 server 匹配的证书 |
| entityID | STRING | entityID |
| 其他配置 | 其他参考 通用配置结构说明 |
获取saml2配置
请求URL
http
GET /api/authentication-configs/saml2 HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
无
返回对象的格式说明
参考 saml2配置结构说明
接口示例1: 获取saml2配置
http
GET /api/authentication-configs/saml2 HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"idpMetadataUrl": "https://sso.test.org/auth/realms/master/protocol/saml/descriptor",
"privateKey": "-----BEGIN PRIVATE KEY-----\ntest\ntestJXcQWrQUSB+LZHcDjhBcjKfHbyGmwHDHThz4d1nA2Dzccy78WpamTH\n-----END PRIVATE KEY-----",
"reloadUser": true,
"certificate": "-----BEGIN CERTIFICATE-----\ntest\ntest0xOTA0MTAwNzQ5NTdaFw0yOTA0MTAwNzUxMzdaMBwx\n-----END CERTIFICATE-----",
"entityId": "develop_saml2"
}
}编辑saml2配置
编辑saml2配置
请求URL
http
PUT /api/authentication-configs/saml2 HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
参考 saml2配置结构说明
接口示例1: 编辑saml2配置
http
PUT /api/authentication-configs/saml2 HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
// Request Body:
{
"idpMetadataUrl": "https://sso.test.org/auth/realms/master/protocol/saml/descriptor",
"privateKey": "-----BEGIN PRIVATE KEY-----\ntest\ntestJXcQWrQUSB+LZHcDjhBcjKfHbyGmwHDHThz4d1nA2Dzccy78WpamTH\n-----END PRIVATE KEY-----",
"reloadUser": true,
"certificate": "-----BEGIN CERTIFICATE-----\ntest\ntest0xOTA0MTAwNzQ5NTdaFw0yOTA0MTAwNzUxMzdaMBwx\n-----END CERTIFICATE-----",
"entityId": "develop_saml2"
}http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"idpMetadataUrl": "https://sso.test.org/auth/realms/master/protocol/saml/descriptor",
"privateKey": "-----BEGIN PRIVATE KEY-----\ntest\ntestJXcQWrQUSB+LZHcDjhBcjKfHbyGmwHDHThz4d1nA2Dzccy78WpamTH\n-----END PRIVATE KEY-----",
"reloadUser": true,
"certificate": "-----BEGIN CERTIFICATE-----\ntest\ntest0xOTA0MTAwNzQ5NTdaFw0yOTA0MTAwNzUxMzdaMBwx\n-----END CERTIFICATE-----",
"entityId": "develop_saml2"
}
}oauth2配置
oauth2配置结构说明
| 字段 | 类型 | 说明 |
|---|---|---|
| key | STRING | Client ID |
| secret | STRING | Client Secret |
| authorizationBaseUrl | STRING | Authorize 接口 |
| accessTokenEndpoint | STRING | Token 接口 |
| profileUrl | STRING | User-info 接口 |
| logoutUrl | STRING | Logout 接口 |
| afterLogoutUriParamName | STRING | Logout 接口拼接 Redirect URI |
| originUrlDeliveryMethod | STRING | 原始 url 传递方式 |
| scope | STRING | scope |
| 其他配置 | 其他参考 通用配置结构说明 |
获取oauth2配置
请求URL
http
GET /api/authentication-configs/oauth2 HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
无
返回对象的格式说明
参考 oauth2配置结构说明
接口示例1: 获取oauth2配置
http
GET /api/authentication-configs/oauth2 HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"profileUrl": "http://test:3000/sso/oauth2/user-info",
"enableSyncUserAttr": true,
"originUrlDeliveryMethod": "url",
"loginNameMapping": "",
"authorizationBaseUrl": "http://test:3000/sso/oauth2/authorize",
"enableSessionExpSync": false,
"afterLogoutUriParamName": "",
"secret": "1",
"emailMapping": "",
"accessTokenEndpoint": "http://test:3000/sso/oauth2/token",
"userNameMapping": "",
"appendRedirectUri": true,
"reloadUser": true,
"groupsMapping": "",
"logoutUrl": "http://test:3000/sso/oauth2/logout",
"mobileMapping": "",
"rolesMapping": "",
"key": "1"
}
}编辑oauth2配置
编辑oauth2配置
请求URL
http
PUT /api/authentication-configs/oauth2 HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
参考 oauth2配置结构说明
接口示例1: 编辑oauth2配置
http
PUT /api/authentication-configs/oauth2 HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
// Request Body:
{
"key": "1",
"secret": "1",
"authorizationBaseUrl": "http://test:3000/sso/oauth2/authorize",
"accessTokenEndpoint": "http://test:3000/sso/oauth2/token",
"profileUrl": "http://test:3000/sso/oauth2/user-info",
"logoutUrl": "http://test:3000/sso/oauth2/logout",
"loginNameMapping": "",
"userNameMapping": "",
"emailMapping": "",
"mobileMapping": "",
"rolesMapping": "",
"groupsMapping": "",
"appendRedirectUri": true,
"originUrlDeliveryMethod": "url",
"reloadUser": true,
"enableSyncUserAttr": true,
"enableSessionExpSync": false
}http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"profileUrl": "http://test:3000/sso/oauth2/user-info",
"enableSyncUserAttr": true,
"originUrlDeliveryMethod": "url",
"loginNameMapping": "",
"authorizationBaseUrl": "http://test:3000/sso/oauth2/authorize",
"enableSessionExpSync": false,
"afterLogoutUriParamName": "",
"secret": "1",
"emailMapping": "",
"accessTokenEndpoint": "http://test:3000/sso/oauth2/token",
"userNameMapping": "",
"appendRedirectUri": true,
"reloadUser": true,
"groupsMapping": "",
"logoutUrl": "http://test:3000/sso/oauth2/logout",
"mobileMapping": "",
"rolesMapping": "",
"key": "1"
}
}钉钉配置
钉钉配置结构说明
| 字段 | 类型 | 说明 |
|---|---|---|
| appKey | STRING | AppKey |
| appSecret | STRING | AppSecret |
| CorpId | STRING | corpId |
| ssoSecret | STRING | SSOsecret |
| dtLoginType | STRING | 登录方式:authCode(授权码模式,小程序免登录) ,qrConnect(扫码模式,网页端扫码登录) |
| schedulerPeriod | STRING | 同步频率(单位为分钟,0为不同步) |
| 其他配置 | 其他参考 通用配置结构说明 |
获取钉钉配置
请求URL
http
GET /api/authentication-configs/dingtalk HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
无
返回对象的格式说明
参考 钉钉配置结构说明
接口示例1: 获取oauth2配置
http
GET /api/authentication-configs/dingtalk HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"enableSyncUserAttr": true,
"corpId": "test-corp-id",
"dtLoginType": "authCode",
"ssoSecret": "",
"appKey": "test-app-key",
"appSecret": "test-app-secret",
"schedulerPeriod": 0
}
}编辑钉钉配置
请求URL
http
PUT /api/authentication-configs/dingtalk HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
参考 钉钉配置结构说明
接口示例1: 编辑钉钉配置
http
PUT /api/authentication-configs/dingtalk HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
// Request Body:
{
"appKey": "test-app_key",
"appSecret": "test-app-secret",
"corpId": "test-corp-id",
"ssoSecret": "",
"schedulerPeriod": 0,
"dtLoginType": "authCode",
"enableSyncUserAttr": true
}http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"appKey": "test-app_key",
"appSecret": "test-app-secret",
"corpId": "test-corp-id",
"ssoSecret": "",
"schedulerPeriod": 0,
"dtLoginType": "authCode",
"enableSyncUserAttr": true
}
}同步钉钉组织
请求URL
http
PUT /api/authentication-configs/dingtalk/sync HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
参考 钉钉配置结构说明
接口示例1: 同步钉钉组织
http
PUT /api/authentication-configs/dingtalk/sync HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
// Request Body:
{
"appKey": "test-app_key",
"appSecret": "test-app-secret",
"corpId": "test-corp-id",
"ssoSecret": "",
"schedulerPeriod": 0,
"dtLoginType": "authCode",
"enableSyncUserAttr": true
}http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"appKey": "test-app_key",
"appSecret": "test-app-secret",
"corpId": "test-corp-id",
"ssoSecret": "",
"schedulerPeriod": 0,
"dtLoginType": "authCode",
"enableSyncUserAttr": true
}
}企业微信配置
企业微信配置结构说明
| 字段 | 类型 | 说明 |
|---|---|---|
| key | STRING | 企业ID |
| agentId | STRING | AgentId |
| secret | STRING | Secret |
| wcwLoginType | STRING | 登录方式:oauth2(授权码模式,小程序免登录) ,qrConnect(扫码模式,网页端扫码登录) |
| 其他配置 | 其他参考 通用配置结构说明 |
获取企业微信配置
请求URL
http
GET /api/authentication-configs/wechat-work HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
无
返回对象的格式说明
参考 企业微信配置结构说明
接口示例1: 获取企业微信配置
http
GET /api/authentication-configs/wechat-work HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"agentId": "test-agent-id",
"enableSyncUserAttr": true,
"wcwLoginType": "oauth2",
"secret": "test-secret",
"key": "test-key"
}
}编辑企业微信配置
请求URL
http
PUT /api/authentication-configs/wechat-work HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
参考 企业微信配置结构说明
接口示例1: 编辑企业微信配置
http
PUT /api/authentication-configs/wechat-work HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
// Request Body:
{
"agentId": "test-agent-id",
"enableSyncUserAttr": true,
"wcwLoginType": "oauth2",
"secret": "test-secret",
"key": "test-key"
}http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"agentId": "test-agent-id",
"enableSyncUserAttr": true,
"wcwLoginType": "oauth2",
"secret": "test-secret",
"key": "test-key"
}
}JWT配置
JWT配置结构说明
| 字段 | 类型 | 说明 |
|---|---|---|
| tokenName | STRING | JWT Token 名称 |
| checkSignAlgorithm | STRING | 验签算法 |
| checkSignKey | STRING | 验签密钥 |
| signKey | STRING | 签名密钥 |
| decryptMethod | STRING | 解密方法 |
| decryptAlgorithm | STRING | 解密算法 |
| decryptKey | STRING | 解密密钥 |
| encryptKey | STRING | 加密密钥 |
| groovy script | STRING | groovy script |
| 其他配置 | 其他参考 通用配置结构说明 |
获取JWT配置
请求URL
http
GET /api/authentication-configs/jwt-param HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
无
返回对象的格式说明
参考 JWT配置结构说明
接口示例1: 获取JWT配置
http
GET /api/authentication-configs/jwt-param HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"checkSignKey": "4415e5cf-aa28-46af-83e8-fff",
"enableSyncUserAttr": true,
"loginNameMapping": "",
"tokenName": "",
"enableSessionExpSync": false,
"emailMapping": "",
"decryptMethod": "",
"platformSourceId": "",
"userNameMapping": "",
"sessionExpSyncMapping": "",
"groupsMapping": "",
"checkSignKeyBase64Encoded": false,
"decryptKey": "",
"checkSignAlgorithm": "HS256",
"mobileMapping": "",
"decryptAlgorithm": "",
"tenantNameMapping": "企业名称",
"tenantCodeMapping": "tenantCode",
"rolesMapping": ""
}
}编辑JWT配置
请求URL
http
PUT /api/authentication-configs/jwt-param HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
参考 JWT配置结构说明
接口示例1: 编辑 JWT 配置
http
PUT /api/authentication-configs/jwt-param HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
// Request Body:
{
"checkSignAlgorithm": "HS256",
"checkSignKey": "4415e5cf-aa28-46af-83e8-fffff",
"checkSignKeyBase64Encoded": false,
"decryptMethod": "",
"decryptAlgorithm": "",
"decryptKey": "",
"enableSyncUserAttr": true,
"loginNameMapping": "",
"userNameMapping": "",
"emailMapping": "",
"mobileMapping": "",
"rolesMapping": "",
"groupsMapping": "",
"tenantCodeMapping": "",
"tenantNameMapping": "企业名称",
"platformSourceId": "tenantCode",
"enableSessionExpSync": false,
"sessionExpSyncMapping": "",
"tokenName": ""
}http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"checkSignAlgorithm": "HS256",
"checkSignKey": "4415e5cf-aa28-46af-83e8-fffff",
"checkSignKeyBase64Encoded": false,
"decryptMethod": "",
"decryptAlgorithm": "",
"decryptKey": "",
"enableSyncUserAttr": true,
"loginNameMapping": "",
"userNameMapping": "",
"emailMapping": "",
"mobileMapping": "",
"rolesMapping": "",
"groupsMapping": "",
"tenantCodeMapping": "",
"tenantNameMapping": "企业名称",
"platformSourceId": "tenantCode",
"enableSessionExpSync": false,
"sessionExpSyncMapping": "",
"tokenName": ""
}
}生成密钥
请求URL
http
PUT /api/authentication-configs/jwt-param/generate-key HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
参考 JWT配置结构说明
接口示例1: 生成密钥
http
PUT /api/authentication-configs/jwt-param/generate-key HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
// Request Body:
{
"checkSignAlgorithm": "HS256",
"checkSignKeyBase64Encoded": false
}http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"enableSyncUserAttr": true,
"checkSignKey": "9604218ba98c4011a068cdb2ef78fe7d",
"checkSignKeyBase64Encoded": false,
"checkSignAlgorithm": "HS256",
"signKey": "9604218ba98c4011a068cdb2ef78fe7d"
}
}飞书配置
飞书配置结构说明
| 字段 | 类型 | 说明 |
|---|---|---|
| appId | STRING | App ID |
| appSecret | STRING | App Secret |
| 其他配置 | 其他参考 通用配置结构说明 |
获取飞书配置
请求URL
http
GET /api/authentication-configs/lark HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
无
返回对象的格式说明
参考 飞书配置结构说明
接口示例1: 获取飞书配置
http
GET /api/authentication-configs/lark HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"enableSyncUserAttr": true,
"appId": "test-app-id",
"appSecret": "test-app-secret"
}
}编辑飞书配置
请求URL
http
PUT /api/authentication-configs/lark HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...请求参数
URL 参数
无
request body 参数
参考 飞书配置结构说明
接口示例1: 编辑 飞书 配置
http
PUT /api/authentication-configs/lark HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
// Request Body:
{
"appId": "cli_a250f4d4963cd00d",
"appSecret": "lMJTeOaIe9TCADmDYcYKwYMbvUIaeMtS",
"enableSyncUserAttr": true
}http
HTTP/1.1 200 Ok
Content-Type: application/json
{
"version": "version@9a5e106#6730f0d",
"code": 0,
"msg": "success",
"data": {
"enableSyncUserAttr": true,
"appId": "test-app-id",
"appSecret": "test-app-secret"
}
}