Help Center/ Meeting/ Server API Reference/ Login Authentication/ APIs/ Configuring Single Sign-On (SSO)
Updated on 2023-12-22 GMT+08:00

Configuring Single Sign-On (SSO)

Description

This API is used to configure SSO.

Debugging

You can debug this API in API Explorer.

Prototype

Table 1 Prototype

Request Method

POST

Request Address

/v1/usg/acs/authorizeconfig

Transport Protocol

HTTPS

Request Parameters

Table 2 Parameters

Parameter

Mandatory

Type

Location

Description

X-Access-Token

Yes

String

Header

Authorization token. Use the value of accessToken in the response to the request for Authenticating an App ID.

X-Request-ID

No

String

Header

Request ID, which is used for fault tracing and locating. You are advised to use a UUID. If this parameter is not carried, a request ID is automatically generated.

Accept-Language

No

String

Header

Language. Values: zh-CN for Chinese (default) and en-US for English.

Content-Type

Yes

String

Header

Media format of the body. Value: application/json or charset=UTF-8

enableSSO

Yes

Boolean

Body

Whether SSO is enabled.

domain

No

String

Body

Enterprise domain name.

NOTE:

This parameter is mandatory when SSO is enabled.

authorizeUrl

No

String

Body

Authorization center URL.

NOTE:

This parameter is mandatory when SSO is enabled.

getTokenUrl

No

String

Body

URL for obtaining a token.

NOTE:

This parameter is mandatory when SSO is enabled.

clientId

No

String

Body

App ID.

NOTE:

This parameter is mandatory when SSO is enabled.

clientSecret

No

String

Body

appKey.

NOTE:
  • When SSO is enabled and the value of getTokenUrl or getUserInfoUrl is changed, specify this parameter.
  • When SSO is enabled, the values of getTokenUrl and getUserInfoUrl are not changed, and the app key is not changed, leave this parameter empty.

scope

No

String

Body

Authorization scope.

  • openid: OIDC of OAuth 2.0.

accFieldName

No

String

Body

Account field in the third-party system.

NOTE:

This parameter is mandatory when SSO is enabled.

getUserInfoUrl

No

String

Body

URL for querying user details.

oauth2ServerType

No

Integer

Body

Authentication mode.

  • 0: OAuth 2.0 authentication.

pcSchemaUrl

No

String

Body

Schema of starting the PC client.

androidSchemaUrl

No

String

Body

Schema of starting the Android app.

iosSchemaUrl

No

String

Body

Schema of starting the iOS app.

thirdName

No

String

Body

Name field in the third-party system.

thirdEmail

No

String

Body

Email address field in the third-party system.

thirdMobile

No

String

Body

Mobile number field in the third-party system.

thirdAccessToken

No

String

Body

Access token field in the third-party system.

NOTE:

This parameter is mandatory when SSO is enabled.

thirdHeadImgUrl

No

String

Body

Profile picture field in the third-party system.

Status Codes

Table 3 Status codes

HTTP Status Code

Description

200

Operation successful.

400

Invalid parameters.

401

Authentication is not performed or fails.

403

Insufficient permissions.

500

Server exception.

Response Parameters

None

Example Request

POST /v1/usg/acs/authorizeconfig
Connection: keep-alive
X-Access-Token: stbVbWSIgzfOQ8JnbmPIoBIR3ig8xnVScQOF
Content-Type: application/json
Host: api.meeting.huaweicloud.com 
User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_191)

{
    "enableSSO": true,
    "domain": "clouddragon.huawei.com",
    "authorizeUrl": "http://127.0.0.1:8444/sns/userinfo",
    "getTokenUrl": "http://127.0.0.1:8444/sns/oauth2/access_token",
    "clientId": "18bc94a643bd4b93aab3179726120943",
    "clientSecret": null,
    "scope": null,
    "accFieldName": "openid",
    "getUserInfoUrl": "http://127.0.0.1:8444/sns/userinfo",
    "oauth2ServerType": 0,
    "pcSchemaUrl": "http://127.0.0.1:8444/schema/pc",
    "androidSchemaUrl": "http://127.0.0.1:8444/schema/android",
    "iosSchemaUrl": "http://127.0.0.1:8444/schema/ios",
    "thirdName": "openid",
    "thirdEmail": null,
    "thirdMobile": null,
    "thirdAccessToken": "access_token",
    "thirdHeadImgUrl": null
}

Example Response

HTTP/1.1 200 
Date: Wed, 18 Dec 2019 06:20:40 GMT
Content-Type: application/json;charset=UTF-8
Connection: keep-alive
Pragma: No-cache
Cache-Control: no-cache
Server: api-gateway
X-Request-Id: 28007a3bf4d6478e530b09589582f26s

Error Codes

If an error code starting with MMC or USG is returned when you use this API, rectify the fault by following the instructions provided in Huawei Cloud API Error Center.

Example cURL Command

curl -k -i -H 'content-type: application/json' -X POST  -H 'X-Access-Token: stbVbWSIgzfOQ8JnbmPIoBIR3ig8xnVScQOF'  -d '{"enableSSO": true,"domain": "clouddragon.huawei.com","authorizeUrl": "http://127.0.0.1:8444/sns/userinfo","getTokenUrl": "http://127.0.0.1:8444/sns/oauth2/access_token","clientId": "18bc94a643bd4b93aab3179726120943","clientSecret": null,"scope": null,"accFieldName": "openid","getUserInfoUrl": "http://127.0.0.1:8444/sns/userinfo","oauth2ServerType": 0,"pcSchemaUrl": "http://127.0.0.1:8444/schema/pc","androidSchemaUrl": "http://127.0.0.1:8444/schema/android","iosSchemaUrl": "http://127.0.0.1:8444/schema/ios","thirdName": "openid","thirdEmail": null,"thirdMobile": null,"thirdAccessToken": "access_token","thirdHeadImgUrl": null}'
 'https://api.meeting.huaweicloud.com/v1/usg/acs/authorizeconfig'