Authenticating an App ID
Description
This API is used to authenticate an app ID. After the authentication is successful, an access token is generated. For details about app ID authentication, see Introduction to App ID Authentication.
- When clientType is set to 72, up to 64 tokens can be created for each user ID. If 64 tokens have been created using a user ID and the tokens are valid, creating a new token using the same user ID will invalidate the earliest token among the first 64 tokens.
- When clientType is not set to 72, only one token can be created for each user ID.
- A token is valid for 12 to 24 hours.
Debugging
You can debug this API in API Explorer.
Prototype
|
Request Method |
POST |
|---|---|
|
Request Address |
/v2/usg/acs/auth/appauth |
|
Transport Protocol |
HTTPS |
Request Parameters
|
Parameter |
Mandatory |
Type |
Location |
Description |
|---|---|---|---|---|
|
Authorization |
Yes |
String |
Header |
Application authentication information.
NOTE:
If userId is carried, the request body must carry the same userId. |
|
Content-Type |
Yes |
String |
Header |
Media format of the body.
|
|
X-Request-ID |
No |
String |
Header |
Request ID, which is used for fault tracing and locating. You are advised to use a universally unique identifier (UUID). If this parameter is not carried, a request ID is automatically generated. |
|
Accept-Language |
No |
String |
Header |
Language. Values: zh-CN for Chinese (default) and en-US for English. |
|
appId |
Yes |
String |
Body |
App ID. For details about how to obtain an app ID, see Requesting an App ID. |
|
clientType |
Yes |
Integer |
Body |
Type of the account used for login.
|
|
corpId |
No |
String |
Body |
Enterprise ID.
NOTE:
|
|
expireTime |
Yes |
Long |
Body |
Timestamp when the application authentication information expires, in seconds.
NOTE:
|
|
nonce |
Yes |
String |
Body |
Random character string, which is used to calculate application authentication information. minLength: 32 maxLength: 64 |
|
userEmail |
No |
String |
Body |
Email address. |
|
userId |
No |
String |
Body |
Third-party user ID.
NOTE:
If the userId field is not carried or is empty, the user logs in as the default enterprise administrator. |
|
userName |
No |
String |
Body |
Username. |
|
userPhone |
No |
String |
Body |
Mobile number, for example, a mobile number in Chinese Mainland +86xxxxxxx. |
|
deptCode |
No |
String |
Body |
Department code. Obtain the value by calling the API for querying a department and its level-1 subdepartments. |
Status Codes
|
HTTP Status Code |
Description |
|---|---|
|
200 |
Operation successful. |
|
400 |
Invalid parameters. |
|
401 |
Access denied. |
|
403 |
Insufficient permissions. |
|
412 |
The account has been disabled. |
|
423 |
The account has been locked. |
|
500 |
Server exception. |
Response Parameters
|
Parameter |
Type |
Description |
|---|---|---|
|
accessToken |
String |
Access token. |
|
clientType |
Integer |
Type of the account used for login.
|
|
createTime |
Long |
Timestamp when the access token was created, in milliseconds. |
|
daysPwdAvailable |
Integer |
Password validity period. |
|
delayDelete |
Boolean |
Whether the token deletion is delayed. |
|
expireTime |
Long |
Timestamp when the access token expires, in seconds. |
|
firstLogin |
Boolean |
Whether the login is the first login.
NOTE:
If you log in to the system for the first time, the system prompts you to change the initial password. Default value: false. |
|
forceLoginInd |
Integer |
Whether preemptive login is enabled.
|
|
proxyToken |
ProxyTokenDTO object |
Proxy authentication information. |
|
pwdExpired |
Boolean |
Whether the password has expired. Default value: false. |
|
refreshCreateTime |
Long |
Timestamp when the refresh token was created, in milliseconds. |
|
refreshExpireTime |
Long |
Timestamp when the refresh token expires, in seconds. |
|
refreshToken |
String |
Refresh token. |
|
refreshValidPeriod |
Long |
Validity period of the refresh token, in seconds. |
|
tokenIp |
String |
IP address of the login user. |
|
tokenType |
Integer |
Token type.
|
|
user |
UserInfo object |
User authentication details. |
|
validPeriod |
Long |
Validity period of an access token, in seconds. |
Example Request
POST /v2/usg/acs/auth/appauth
Connection: keep-alive
Content-Type: application/json
X-Request-ID: 5162fa32dc7e47afafeee39a72a2eec3
Accept-Language: zh-CN
Host: api.meeting.huaweicloud.com
Authorization: HMAC-SHA256 signature=3eca3f0f1e90ed55de38388066d02f1b7a86571a8ce30823af1df7c4edd7e086
User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_191)
{
"appId": "fdb8e4699586458bbd10c834872dcc62",
"clientType": 72,
"expireTime": 1627722929,
"nonce": "EycLQsHwxhzK9OW8UEKWNfH2I3CGR2nINuU1EBpQ1627722929",
"userEmail": "testuser@mycorp.com",
"userId": "testuser@mycorp.com",
"userName": "testuser",
"userPhone": "173****9092"
}
Example Response
HTTP/1.1 200
"X-Envoy-Upstream-Service-Time": "230",
"Server": "api-gateway",
"X-Request-Id": "085d1f96cd9ddd6f3c50d70a0b2eb239",
"X-Content-Type-Options": "nosniff",
"Connection": "keep-alive",
"X-Download-Options": "noopen",
"Pragma": "No-cache",
"Date": "Sat, 31 Jul 2021 06:18:07 GMT",
"X-Frame-Options": "SAMEORIGIN",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
"Cache-Control": "no-cache",
"X-Xss-Protection": "1; mode=block",
"Content-Security-Policy": "connect-src 'self' *.huaweicloud.com ;style-src 'self' 'unsafe-inline' 'unsafe-eval';object-src 'self'; font-src 'self' data:;",
"Expires": "Thu, 01 Jan 1970 00:00:00 GMT",
"Content-Length": "1250",
"Content-Type": "application/json"
{
"accessToken":"cnr1316vcp2ceIkbfko3z13Y2J8UdioOw0ER4kTK",
"tokenIp":"49.4.112.60",
"validPeriod":56326,
"expireTime":1627768613,
"createTime":1627712287360,
"user":{
"realm":"huaweicloud.com",
"userId":"53e2759d388e413abf6a56743a2694c5",
"ucloginAccount":"Auto-53e2759d388e413abf6a56743a2694c5",
"serviceAccount":"sip:+99111283523475338@huaweicloud.com",
"numberHA1":"065eb94e5b090f70c77d4d1439f35b8e",
"alias1":null,
"companyId":"651543334",
"spId":"8a8df0a174a1c6680174a26f578b0000",
"companyDomain":null,
"userType":2,
"adminType":2,
"name":"testuser@mycorp.com",
"nameEn":"",
"isBindPhone":null,
"freeUser":false,
"thirdAccount":"testuser@mycorp.com",
"visionAccount":null,
"headPictureUrl":null,
"password":null,
"status":0,
"paidAccount":null,
"paidPassword":null,
"weLinkUser":false,
"appId":"fdb8e4699586458bbd10c834872dcc62",
"tr069Account":null,
"corpType":5,
"cloudUserId":"",
"grayUser":true
},
"clientType":72,
"forceLoginInd":null,
"firstLogin":false,
"pwdExpired":false,
"daysPwdAvailable":-19678,
"proxyToken":null,
"tokenType":0,
"refreshToken":"cnr13168neNyRDfomYEIci7zVjBBybZQG90fYdX2",
"refreshValidPeriod":2592000,
"refreshExpireTime":1630304287,
"refreshCreateTime":1627712287360
}
Error Codes
If an error code starting with MMC or USG is returned when you use this API, rectify the fault by following the instructions provided in Huawei Cloud API Error Center.
Example cURL Command
curl -k -i -H 'content-type: application/json' -X POST -H 'Content-Type: application/json,Accept-Language: zh-CN,Authorization: HMAC-SHA256 signature=198c3046dbdafa9d89ce917c5613c29fda855da2aa79f8f51f2871e88fdba91c' -d '{"appId": "d5e1785afbe44c2588b642446652489e","clientType": 72,"corpId": "807074304","expireTime": 1597824907000,"nonce": "EycLQsHwxhzK9OW8UEKWNfH2I3CGR2nINuU1EBpQ","userEmail": "alice@huawei.com","userId": "alice@ent01","userName": "alice","userPhone": "173****9092"}' 'https://api.meeting.huaweicloud.com/v2/usg/acs/auth/appauth'
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
