How Do I Configure SSO Login for My Enterprise?
- Configuration on the Huawei Cloud Meeting Management Platform
After enterprise-owned authentication takes effect, internal accounts of your enterprise will be used to log in to the mobile app, desktop client, and Management Platform. Ensure that you have tested the enterprise-owned authentication on the configuration page. (It is recommended that you connect the enterprise-owned authentication to Huawei Cloud Meeting in a test enterprise first. After the connection is successful, configure enterprise-owned authentication in your enterprise.) Save the configuration only after the verification is successful.
Before the connection, ensure that all parameters have been configured. Otherwise, the login fails.
- On the Huawei Cloud Meeting website, click Console, enter the Huawei Cloud account and password, and click Access Management Platform to go to the Huawei Cloud Meeting Management Platform.
- In the navigation pane, choose Advanced Settings > Openness.
- Click the SSO Login tab.
- Set SSO Login to Enabled.
Parameter description:
Parameter
Description
Basic Settings
Enterprise Domain Name
Domain name configured by your enterprise. Enter the domain name when logging in to the app.
Token URL
URL for obtaining a token. Huawei Cloud Meeting uses the temporary code generated during enterprise authentication to obtain the token for accessing enterprise user information.
Authorization Center URL
URL of the enterprise authentication center. After you enter the enterprise domain name in the Huawei Cloud Meeting app, you will be redirected to the page specified by this parameter. You can enter your account and password or scan the QR code on the page.
User Info Query URL
URL for querying user information. Huawei Cloud Meeting obtains user information (such as the name and contact information) using this URL.
App ID
App ID used to identify Huawei Cloud Meeting. Obtain the app ID from the enterprise authentication platform.
- Scheme for Starting PC Client
- Scheme for Starting Android App
- Scheme for Starting iOS App
Scheme URL for starting the app after the authentication is successful.
Mappings
Third-Party Account Field Name
Account field in the authentication API.
Third-Party Access Token Field Name
Token field in the API for obtaining a token.
- Third-Party Name Field Name
- Third-Party Email Address Field Name
- Third-Party Mobile Number Field Name
Mapping between fields in the enterprise user information API and Huawei Cloud Meeting user information.
- Configuration on your enterprise authentication platform (example: WeChat authentication)
- Apply for an app ID and key on the WeChat Open Platform.
- Request code to obtain the URL of the authentication center.
Before using a third-party website application for login authorization, ensure that you have obtained the authorization scope (scope = snsapi_login) of the corresponding web page. If the authorization scope has been obtained, you can access the following link on the PC:
https://open.weixin.qq.com/connect/qrconnect?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&state=STATE#wechat_redirect
If the system displays a message indicating that the link cannot be accessed, check whether parameters are incorrect. For example, the domain name specified by redirect_uri is inconsistent with the authorized domain name entered during the review or the value of scope is not snsapi_login.
- Use code to obtain access_token (Token URL).
https://api.weixin.qq.com/sns/oauth2/acess_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code
- Use access_token to call the APIs (User Info Query URL).
Prerequisites:
- access_token is valid.
- The WeChat user has authorized the corresponding scopes of APIs to the third-party application account.
The following APIs can be called.
Authorization Scope
API
Description
snsapi_base
/sns/oauth2/access_token
Obtain access_token, refresh_token, and authorized scopes using code.
snsapi_base
/sns/oauth2/refresh_token
Refresh or renew access_token.
snsapi_base
/sns/auth
Check the validity of access_token.
snsapi_userinfo
/sns/userinfo
Obtain user information.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot