Developing a Token Generation Mechanism and Token Authentication API
You need to develop a token generation mechanism and token authentication API for the CEC to perform functions such as authentication. When receiving your JavaScript request, the CEC invokes this API to send the enterprise token, tenant space ID, and user account to your system for confirmation. After the confirmation, the CEC performs internal verification and request processing.
A demo of the token generation mechanism and token authentication API is provided for your reference. You can download the demo from the Huawei Developer Forum (https://bbs.huaweicloud.com/forum/thread-192048-1-1.html). The demo provides the algorithm and verification logic. Use a secure algorithm in actual use. This demo cannot be directly used for production and is for demonstration only. Design the token generation mechanism and token authentication API based on your system security requirements.
Procedure
- Develop a token generation mechanism. You need to develop the mechanism based on the features and security requirements of your system.
- Develop a token authentication API based on the specifications provided by the CEC. Table 1 and Table 2 describes the requirements of each request parameter and response parameter. The request URL is as follows:
POST http(s)://ip:port/rest/cc-messaging/v1/thirdparty/chatThirdPartyValidate (which can be customized by the enterprise)
HTTP is an insecure protocol, which may bring risks to the system. Therefore, it is not recommended. The secure HTTPS is recommended. If HTTPS is used, you need to prepare a certificate in CER format to verify the validity of the HTTPS website.
Table 1 Request body description Parameter
Type
Position
Mandatory or Not
Description
Token
String
Body
Yes
Verification information generated on the enterprise/partner side.
userName
String
Body
Yes
Username provided by the enterprise/partner.
The value must exist in the enterprise authentication system.
userId
String
Body
Yes
User ID provided by the enterprise/partner.
The value must exist in the enterprise authentication system.
tenantSpaceId
String
Body
Yes
Tenant space ID provided by the CEC. To obtain the tenant space ID, choose Configuration Center > System Management > Tenant Information.
- Example
{ "Token":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "userName":"Tom", "userId":"10010001" "tenantSpaceId":"202007159031" }
The preceding username and user ID are examples. Ensure that the enterprise customer exists.
Table 2 Response description Parameter
Type
Position
Mandatory or Not
Description
retCode
Integer
Body
Yes
Interface result identifier.
0 indicates success.
Other values indicate failure.
message
String
Body
Yes
Result information.
- Example
{ "retCode":0, "message":"validate success" }
- (Required if HTTPS is used) Submit the URL and certificate file of the authentication API to the CEC operations administrator. The operations administrator configures the URL and certificate file in the CEC.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot