Updated on 2024-03-05 GMT+08:00

Developing a Token Generation Mechanism and Token Authentication API

You need to develop a token generation mechanism and token authentication API for the CEC to perform functions such as authentication. When receiving your JavaScript request, the CEC invokes this API to send the enterprise token, tenant space ID, and user account to your system for confirmation. After the confirmation, the CEC performs internal verification and request processing.

A demo of the token generation mechanism and token authentication API is provided for your reference. You can download the demo from the Huawei Developer Forum (https://bbs.huaweicloud.com/forum/thread-192048-1-1.html). The demo provides the algorithm and verification logic. Use a secure algorithm in actual use. This demo cannot be directly used for production and is for demonstration only. Design the token generation mechanism and token authentication API based on your system security requirements.

Procedure

  1. Develop a token generation mechanism. You need to develop the mechanism based on the features and security requirements of your system.
  2. Develop a token authentication API based on the specifications provided by the CEC. Table 1 and Table 2 describes the requirements of each request parameter and response parameter. The request URL is as follows:

    POST http(s)://ip:port/rest/cc-messaging/v1/thirdparty/chatThirdPartyValidate (which can be customized by the enterprise)

    HTTP is an insecure protocol, which may bring risks to the system. Therefore, it is not recommended. The secure HTTPS is recommended. If HTTPS is used, you need to prepare a certificate in CER format to verify the validity of the HTTPS website.

    Table 1 Request body description

    Parameter

    Type

    Position

    Mandatory or Not

    Description

    Token

    String

    Body

    Yes

    Verification information generated on the enterprise/partner side.

    userName

    String

    Body

    Yes

    Username provided by the enterprise/partner.

    The value must exist in the enterprise authentication system.

    userId

    String

    Body

    Yes

    User ID provided by the enterprise/partner.

    The value must exist in the enterprise authentication system.

    tenantSpaceId

    String

    Body

    Yes

    Tenant space ID provided by the CEC. To obtain the tenant space ID, choose Configuration Center > System Management > Tenant Information.

    • Example
    {
        "Token":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "userName":"Tom",
        "userId":"10010001"
        "tenantSpaceId":"202007159031"
     }

    The preceding username and user ID are examples. Ensure that the enterprise customer exists.

    Table 2 Response description

    Parameter

    Type

    Position

    Mandatory or Not

    Description

    retCode

    Integer

    Body

    Yes

    Interface result identifier.

    0 indicates success.

    Other values indicate failure.

    message

    String

    Body

    Yes

    Result information.

    • Example
    {
        "retCode":0,
        "message":"validate success"
    }

  3. (Required if HTTPS is used) Submit the URL and certificate file of the authentication API to the CEC operations administrator. The operations administrator configures the URL and certificate file in the CEC.