This topic describes the QR code logon feature supported by IDaaS EIAM and explains how users can log on to their accounts securely and conveniently by scanning QR codes.
Prerequisite
The IDaaS administrator has attached DingTalk, and the DingTalk QR code logon feature is enabled. For more information, see Attach DingTalk - inbound and Attach DingTalk - outbound.
Select DingTalk QR code logon
On the user logon page, select the DingTalk QR code logon option from other logon methods to navigate to the DingTalk QR code display page. You can scan the QR code using DingTalk.
If you do not see the DingTalk QR code logon option, the administrator should check the logon menu to confirm whether the DingTalk QR code logon feature is enabled.
Two scenarios after scanning the QR code
When using DingTalk QR code to log on, there are two possible scenarios.
Normal QR code logon
When the binding information for the DingTalk identity exists in IDaaS, the following interface appears. Confirm to complete the logon.
IDaaS cannot detect user identity
For accounts not imported from DingTalk, you need to manually attach the DingTalk and IDaaS account identities to successfully log on using the QR code.
After scanning and confirming, the webpage will navigate to the interface shown below. Attach existing IDaaS account to trigger the IDaaS account identity verification flow.
Users need to authenticate using any non-DingTalk QR code method. After authentication is successful, the DingTalk account will be attached to the IDaaS account, and the logon will be successful.
No further attachment is required for subsequent logons.