Skip to content

认证方式配置

结构说明

通用配置结构说明

字段类型说明
reloadUserBOOL刷新页面时,是否重新执行认证流程(主要用于嵌入模式下与主站的登录用户保持同步)
enableSyncUserAttrBOOL启用用户属性同步
loginNameMappingSTRING用户名映射
userNameMappingSTRING显示名映射
emailMappingSTRING邮箱映射
mobileMappingSTRING手机号映射
rolesMappingSTRING角色映射
groupsMappingSTRING组映射
orgsMappingSTRING组织架构映射
tenantCodeMappingSTRING企业 ID 映射
tenantNameMappingSTRING企业名称映射
platformSourceIdSTRING平台方 ID
enableSessionExpSyncBOOLEAN启用 SSO exp 会话有效期同步
sessionExpSyncMappingSTRING会话有效期映射

认证方式接口说明

获取支持的认证方式列表

获取支持的认证方式列表

请求URL

http
GET /api/authentication-configs/form-items HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

返回对象的格式说明

字段类型说明
idSTRING认证方式的唯一键
nameSTRING认证方式的名称

接口示例1: 获取支持的认证方式列表

http
GET /api/authentication-configs/form-items HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": [
    {
      "id": "hengshi",
      "name": "HENGSHI"
    },
    {
      "id": "ldap",
      "name": "LDAP"
    },
    {
      "id": "cas",
      "name": "CAS"
    },
    {
      "id": "saml2",
      "name": "SAML2"
    },
    {
      "id": "oauth2",
      "name": "OAUTH2"
    },
    {
      "id": "dingtalk",
      "name": "钉钉"
    },
    {
      "id": "wechat-work",
      "name": "企业微信"
    },
    {
      "id": "ctr",
      "name": "CTR"
    },
    {
      "id": "yunzhijia",
      "name": "云之家"
    },
    {
      "id": "jwt-param",
      "name": "JWT 请求参数"
    },
    {
      "id": "lark",
      "name": "飞书"
    },
    {
      "id": "qince",
      "name": "勤策"
    }
  ]
}

获取默认的认证方式

获取默认的认证方式

请求URL

http
GET /api/authentication-configs/active-auth HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

返回对象的格式说明

字段类型说明
authTypeSTRING认证方式的唯一键

接口示例1: 获取默认的认证方式

http
GET /api/authentication-configs/active-auth HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "authType": "ldap"
  }
}

编辑默认的认证方式

编辑默认的认证方式

请求URL

http
PUT /api/authentication-configs/active-auth HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数
字段类型说明
authTypeSTRING认证方式的唯一键

接口示例1: 编辑默认的认证方式

http
PUT /api/authentication-configs/active-auth HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "authType": "ldap"
  }
}

ldap配置

ldap配置结构说明

字段类型说明
protocolSTRINGldap 协议,ldap/ldaps
urlSTRING服务器地址
portINT服务器端口
bindUserSTRING用户名
bindPasswordSTRING密码
searchBaseSTRING搜索库
querySTRINGLDAP 查询
其他配置参考通用配置结构说明

获取ldap配置

请求URL

http
GET /api/authentication-configs/ldap HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

返回对象的格式说明

参考 ldap配置结构说明

接口示例1: 获取ldap配置

http
GET /api/authentication-configs/ldap HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "protocol": "ldaps",
    "bindPassword": "test",
    "port": 636,
    "loginNameMapping": "uid",
    "query": "(objectclass=inetOrgPerson)",
    "searchBase": "cn=users,cn=accounts,dc=org",
    "bindUser": "uid=gogs,cn=sysaccounts,cn=etc,dc=org",
    "mobileMapping": "",
    "emailMapping": "",
    "url": "ldap.demo.org",
    "userNameMapping": ""
  }
}

编辑ldap配置

编辑ldap配置

请求URL

http
PUT /api/authentication-configs/ldap HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

参考 ldap配置结构说明

接口示例1: 编辑ldap配置

http
PUT /api/authentication-configs/ldap HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

// Request Body:
{
    "protocol": "ldaps",
    "url": "ldap.test.org",
    "port": 636,
    "bindUser": "uid=gogs,cn=sysaccounts,cn=etc,dc=org",
    "bindPassword": "gogs",
    "searchBase": "cn=users,cn=accounts,dc=org",
    "query": "(objectclass=inetOrgPerson)",
    "enableSyncUserAttr": false,
    "loginNameMapping": "uid",
    "userNameMapping": "cn",
    "emailMapping": "email",
    "mobileMapping": "mobile",
    "enableSessionExpSync": false
}
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "protocol": "ldaps",
    "bindPassword": "test",
    "port": 636,
    "loginNameMapping": "uid",
    "query": "(objectclass=inetOrgPerson)",
    "searchBase": "cn=users,cn=accounts,dc=org",
    "bindUser": "uid=gogs,cn=sysaccounts,cn=etc,dc=org",
    "mobileMapping": "",
    "emailMapping": "",
    "url": "ldap.demo.org",
    "userNameMapping": ""
  }
}

cas配置

cas配置结构说明

字段类型说明
protocolSTRINGcas 协议,CAS10/CAS20/CAS20_PROXY/CAS30/CAS30_PROXY
casServerSTRING服务器地址
其他配置不支持用户名映射, 其他参考 通用配置结构说明

获取cas配置

请求URL

http
GET /api/authentication-configs/cas HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

返回对象的格式说明

参考 cas配置结构说明

接口示例1: 获取cas配置

http
GET /api/authentication-configs/cas HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "casServer": "https://sso.test.org/auth/realms/master/protocol/cas/login",
    "orgsMapping": "orgs",
    "emailMapping": "email",
    "userNameMapping": "username",
    "sessionExpSyncMapping": "",
    "protocol": "CAS30"
  }
}

编辑cas配置

编辑cas配置

请求URL

http
PUT /api/authentication-configs/cas HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

参考 cas配置结构说明

接口示例1: 编辑cas配置

http
PUT /api/authentication-configs/cas HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

// Request Body:
{
    "protocol": "CAS30",
    "casServer": "https://sso.test.org/auth/realms/master/protocol/cas/login",
    "reloadUser": false,
    "enableSyncUserAttr": true,
    "userNameMapping": "username",
    "emailMapping": "email",
    "mobileMapping": "",
    "rolesMapping": "roles",
    "groupsMapping": "groups"
}
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "protocol": "CAS30",
    "casServer": "https://sso.test.org/auth/realms/master/protocol/cas/login",
    "reloadUser": false,
    "enableSyncUserAttr": true,
    "userNameMapping": "username",
    "emailMapping": "email",
    "mobileMapping": "",
    "rolesMapping": "roles",
    "groupsMapping": "groups"
  }
}

saml2配置

saml2配置结构说明

字段类型说明
idpMetadataUrlSTRINGidpMetadataUrl,saml2 server 的 metadata 地址
私钥STRING与saml2 server 匹配的私钥
证书STRING与saml2 server 匹配的证书
entityIDSTRINGentityID
其他配置其他参考 通用配置结构说明

获取saml2配置

请求URL

http
GET /api/authentication-configs/saml2 HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

返回对象的格式说明

参考 saml2配置结构说明

接口示例1: 获取saml2配置

http
GET /api/authentication-configs/saml2 HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "idpMetadataUrl": "https://sso.test.org/auth/realms/master/protocol/saml/descriptor",
    "privateKey": "-----BEGIN PRIVATE KEY-----\ntest\ntestJXcQWrQUSB+LZHcDjhBcjKfHbyGmwHDHThz4d1nA2Dzccy78WpamTH\n-----END PRIVATE KEY-----",
    "reloadUser": true,
    "certificate": "-----BEGIN CERTIFICATE-----\ntest\ntest0xOTA0MTAwNzQ5NTdaFw0yOTA0MTAwNzUxMzdaMBwx\n-----END CERTIFICATE-----",
    "entityId": "develop_saml2"
  }
}

编辑saml2配置

编辑saml2配置

请求URL

http
PUT /api/authentication-configs/saml2 HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

参考 saml2配置结构说明

接口示例1: 编辑saml2配置

http
PUT /api/authentication-configs/saml2 HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

// Request Body:
{
  "idpMetadataUrl": "https://sso.test.org/auth/realms/master/protocol/saml/descriptor",
  "privateKey": "-----BEGIN PRIVATE KEY-----\ntest\ntestJXcQWrQUSB+LZHcDjhBcjKfHbyGmwHDHThz4d1nA2Dzccy78WpamTH\n-----END PRIVATE KEY-----",
  "reloadUser": true,
  "certificate": "-----BEGIN CERTIFICATE-----\ntest\ntest0xOTA0MTAwNzQ5NTdaFw0yOTA0MTAwNzUxMzdaMBwx\n-----END CERTIFICATE-----",
  "entityId": "develop_saml2"
}
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "idpMetadataUrl": "https://sso.test.org/auth/realms/master/protocol/saml/descriptor",
    "privateKey": "-----BEGIN PRIVATE KEY-----\ntest\ntestJXcQWrQUSB+LZHcDjhBcjKfHbyGmwHDHThz4d1nA2Dzccy78WpamTH\n-----END PRIVATE KEY-----",
    "reloadUser": true,
    "certificate": "-----BEGIN CERTIFICATE-----\ntest\ntest0xOTA0MTAwNzQ5NTdaFw0yOTA0MTAwNzUxMzdaMBwx\n-----END CERTIFICATE-----",
    "entityId": "develop_saml2"
  }
}

oauth2配置

oauth2配置结构说明

字段类型说明
keySTRINGClient ID
secretSTRINGClient Secret
authorizationBaseUrlSTRINGAuthorize 接口
accessTokenEndpointSTRINGToken 接口
profileUrlSTRINGUser-info 接口
logoutUrlSTRINGLogout 接口
afterLogoutUriParamNameSTRINGLogout 接口拼接 Redirect URI
originUrlDeliveryMethodSTRING原始 url 传递方式
scopeSTRINGscope
其他配置其他参考 通用配置结构说明

获取oauth2配置

请求URL

http
GET /api/authentication-configs/oauth2 HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

返回对象的格式说明

参考 oauth2配置结构说明

接口示例1: 获取oauth2配置

http
GET /api/authentication-configs/oauth2 HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "profileUrl": "http://test:3000/sso/oauth2/user-info",
    "enableSyncUserAttr": true,
    "originUrlDeliveryMethod": "url",
    "loginNameMapping": "",
    "authorizationBaseUrl": "http://test:3000/sso/oauth2/authorize",
    "enableSessionExpSync": false,
    "afterLogoutUriParamName": "",
    "secret": "1",
    "emailMapping": "",
    "accessTokenEndpoint": "http://test:3000/sso/oauth2/token",
    "userNameMapping": "",
    "appendRedirectUri": true,
    "reloadUser": true,
    "groupsMapping": "",
    "logoutUrl": "http://test:3000/sso/oauth2/logout",
    "mobileMapping": "",
    "rolesMapping": "",
    "key": "1"
  }
}

编辑oauth2配置

编辑oauth2配置

请求URL

http
PUT /api/authentication-configs/oauth2 HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

参考 oauth2配置结构说明

接口示例1: 编辑oauth2配置

http
PUT /api/authentication-configs/oauth2 HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

// Request Body:
{
  "key": "1",
  "secret": "1",
  "authorizationBaseUrl": "http://test:3000/sso/oauth2/authorize",
  "accessTokenEndpoint": "http://test:3000/sso/oauth2/token",
  "profileUrl": "http://test:3000/sso/oauth2/user-info",
  "logoutUrl": "http://test:3000/sso/oauth2/logout",
  "loginNameMapping": "",
  "userNameMapping": "",
  "emailMapping": "",
  "mobileMapping": "",
  "rolesMapping": "",
  "groupsMapping": "",
  "appendRedirectUri": true,
  "originUrlDeliveryMethod": "url",
  "reloadUser": true,
  "enableSyncUserAttr": true,
  "enableSessionExpSync": false
}
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "profileUrl": "http://test:3000/sso/oauth2/user-info",
    "enableSyncUserAttr": true,
    "originUrlDeliveryMethod": "url",
    "loginNameMapping": "",
    "authorizationBaseUrl": "http://test:3000/sso/oauth2/authorize",
    "enableSessionExpSync": false,
    "afterLogoutUriParamName": "",
    "secret": "1",
    "emailMapping": "",
    "accessTokenEndpoint": "http://test:3000/sso/oauth2/token",
    "userNameMapping": "",
    "appendRedirectUri": true,
    "reloadUser": true,
    "groupsMapping": "",
    "logoutUrl": "http://test:3000/sso/oauth2/logout",
    "mobileMapping": "",
    "rolesMapping": "",
    "key": "1"
  }
}

钉钉配置

钉钉配置结构说明

字段类型说明
appKeySTRINGAppKey
appSecretSTRINGAppSecret
CorpIdSTRINGcorpId
ssoSecretSTRINGSSOsecret
dtLoginTypeSTRING登录方式:authCode(授权码模式,小程序免登录) ,qrConnect(扫码模式,网页端扫码登录)
schedulerPeriodSTRING同步频率(单位为分钟,0为不同步)
其他配置其他参考 通用配置结构说明

获取钉钉配置

请求URL

http
GET /api/authentication-configs/dingtalk HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

返回对象的格式说明

参考 钉钉配置结构说明

接口示例1: 获取oauth2配置

http
GET /api/authentication-configs/dingtalk HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "enableSyncUserAttr": true,
    "corpId": "test-corp-id",
    "dtLoginType": "authCode",
    "ssoSecret": "",
    "appKey": "test-app-key",
    "appSecret": "test-app-secret",
    "schedulerPeriod": 0
  }
}

编辑钉钉配置

请求URL

http
PUT /api/authentication-configs/dingtalk HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

参考 钉钉配置结构说明

接口示例1: 编辑钉钉配置

http
PUT /api/authentication-configs/dingtalk HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

// Request Body:
{
  "appKey": "test-app_key",
  "appSecret": "test-app-secret",
  "corpId": "test-corp-id",
  "ssoSecret": "",
  "schedulerPeriod": 0,
  "dtLoginType": "authCode",
  "enableSyncUserAttr": true
}
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "appKey": "test-app_key",
    "appSecret": "test-app-secret",
    "corpId": "test-corp-id",
    "ssoSecret": "",
    "schedulerPeriod": 0,
    "dtLoginType": "authCode",
    "enableSyncUserAttr": true
  }
}

同步钉钉组织

请求URL

http
PUT /api/authentication-configs/dingtalk/sync HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

参考 钉钉配置结构说明

接口示例1: 同步钉钉组织

http
PUT /api/authentication-configs/dingtalk/sync HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

// Request Body:
{
  "appKey": "test-app_key",
  "appSecret": "test-app-secret",
  "corpId": "test-corp-id",
  "ssoSecret": "",
  "schedulerPeriod": 0,
  "dtLoginType": "authCode",
  "enableSyncUserAttr": true
}
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "appKey": "test-app_key",
    "appSecret": "test-app-secret",
    "corpId": "test-corp-id",
    "ssoSecret": "",
    "schedulerPeriod": 0,
    "dtLoginType": "authCode",
    "enableSyncUserAttr": true
  }
}

企业微信配置

企业微信配置结构说明

字段类型说明
keySTRING企业ID
agentIdSTRINGAgentId
secretSTRINGSecret
wcwLoginTypeSTRING登录方式:oauth2(授权码模式,小程序免登录) ,qrConnect(扫码模式,网页端扫码登录)
其他配置其他参考 通用配置结构说明

获取企业微信配置

请求URL

http
GET /api/authentication-configs/wechat-work HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

返回对象的格式说明

参考 企业微信配置结构说明

接口示例1: 获取企业微信配置

http
GET /api/authentication-configs/wechat-work HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "agentId": "test-agent-id",
    "enableSyncUserAttr": true,
    "wcwLoginType": "oauth2",
    "secret": "test-secret",
    "key": "test-key"
  }
}

编辑企业微信配置

请求URL

http
PUT /api/authentication-configs/wechat-work HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

参考 企业微信配置结构说明

接口示例1: 编辑企业微信配置

http
PUT /api/authentication-configs/wechat-work HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

// Request Body:
{
  "agentId": "test-agent-id",
  "enableSyncUserAttr": true,
  "wcwLoginType": "oauth2",
  "secret": "test-secret",
  "key": "test-key"
}
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "agentId": "test-agent-id",
    "enableSyncUserAttr": true,
    "wcwLoginType": "oauth2",
    "secret": "test-secret",
    "key": "test-key"
  }
}

JWT配置

JWT配置结构说明

字段类型说明
tokenNameSTRINGJWT Token 名称
checkSignAlgorithmSTRING验签算法
checkSignKeySTRING验签密钥
signKeySTRING签名密钥
decryptMethodSTRING解密方法
decryptAlgorithmSTRING解密算法
decryptKeySTRING解密密钥
encryptKeySTRING加密密钥
groovy scriptSTRINGgroovy script
其他配置其他参考 通用配置结构说明

获取JWT配置

请求URL

http
GET /api/authentication-configs/jwt-param HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

返回对象的格式说明

参考 JWT配置结构说明

接口示例1: 获取JWT配置

http
GET /api/authentication-configs/jwt-param HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "checkSignKey": "4415e5cf-aa28-46af-83e8-fff",
    "enableSyncUserAttr": true,
    "loginNameMapping": "",
    "tokenName": "",
    "enableSessionExpSync": false,
    "emailMapping": "",
    "decryptMethod": "",
    "platformSourceId": "",
    "userNameMapping": "",
    "sessionExpSyncMapping": "",
    "groupsMapping": "",
    "checkSignKeyBase64Encoded": false,
    "decryptKey": "",
    "checkSignAlgorithm": "HS256",
    "mobileMapping": "",
    "decryptAlgorithm": "",
    "tenantNameMapping": "企业名称",
    "tenantCodeMapping": "tenantCode",
    "rolesMapping": ""
  }
}

编辑JWT配置

请求URL

http
PUT /api/authentication-configs/jwt-param HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

参考 JWT配置结构说明

接口示例1: 编辑 JWT 配置

http
PUT /api/authentication-configs/jwt-param HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

// Request Body:
{
  "checkSignAlgorithm": "HS256",
  "checkSignKey": "4415e5cf-aa28-46af-83e8-fffff",
  "checkSignKeyBase64Encoded": false,
  "decryptMethod": "",
  "decryptAlgorithm": "",
  "decryptKey": "",
  "enableSyncUserAttr": true,
  "loginNameMapping": "",
  "userNameMapping": "",
  "emailMapping": "",
  "mobileMapping": "",
  "rolesMapping": "",
  "groupsMapping": "",
  "tenantCodeMapping": "",
  "tenantNameMapping": "企业名称",
  "platformSourceId": "tenantCode",
  "enableSessionExpSync": false,
  "sessionExpSyncMapping": "",
  "tokenName": ""
}
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "checkSignAlgorithm": "HS256",
    "checkSignKey": "4415e5cf-aa28-46af-83e8-fffff",
    "checkSignKeyBase64Encoded": false,
    "decryptMethod": "",
    "decryptAlgorithm": "",
    "decryptKey": "",
    "enableSyncUserAttr": true,
    "loginNameMapping": "",
    "userNameMapping": "",
    "emailMapping": "",
    "mobileMapping": "",
    "rolesMapping": "",
    "groupsMapping": "",
    "tenantCodeMapping": "",
    "tenantNameMapping": "企业名称",
    "platformSourceId": "tenantCode",
    "enableSessionExpSync": false,
    "sessionExpSyncMapping": "",
    "tokenName": ""
  }
}

生成密钥

请求URL

http
PUT /api/authentication-configs/jwt-param/generate-key HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

参考 JWT配置结构说明

接口示例1: 生成密钥

http
PUT /api/authentication-configs/jwt-param/generate-key HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

// Request Body:
{
  "checkSignAlgorithm": "HS256",
  "checkSignKeyBase64Encoded": false
}
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "enableSyncUserAttr": true,
    "checkSignKey": "9604218ba98c4011a068cdb2ef78fe7d",
    "checkSignKeyBase64Encoded": false,
    "checkSignAlgorithm": "HS256",
    "signKey": "9604218ba98c4011a068cdb2ef78fe7d"
  }
}

飞书配置

飞书配置结构说明

字段类型说明
appIdSTRINGApp ID
appSecretSTRINGApp Secret
其他配置其他参考 通用配置结构说明

获取飞书配置

请求URL

http
GET /api/authentication-configs/lark HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

返回对象的格式说明

参考 飞书配置结构说明

接口示例1: 获取飞书配置

http
GET /api/authentication-configs/lark HTTP/1.1
Accept: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "enableSyncUserAttr": true,
    "appId": "test-app-id",
    "appSecret": "test-app-secret"
  }
}

编辑飞书配置

请求URL

http
PUT /api/authentication-configs/lark HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

请求参数

URL 参数

request body 参数

参考 飞书配置结构说明

接口示例1: 编辑 飞书 配置

http
PUT /api/authentication-configs/lark HTTP/1.1
Content-Type: application/json
Cookie: csrf=183f1c4...; sid=26ee552d...; _USER_SESSION_ID=f2a01083...

// Request Body:
{
  "appId": "cli_a250f4d4963cd00d",
  "appSecret": "lMJTeOaIe9TCADmDYcYKwYMbvUIaeMtS",
  "enableSyncUserAttr": true
}
http
HTTP/1.1 200 Ok
Content-Type: application/json

{
  "version": "version@9a5e106#6730f0d",
  "code": 0,
  "msg": "success",
  "data": {
    "enableSyncUserAttr": true,
    "appId": "test-app-id",
    "appSecret": "test-app-secret"
  }
}

HENGSHI SENSE API 使用手册