This topic explains how to configure DingTalk as an OAuth credential provider for Agent Identity.
Prerequisites
-
You must have an administrator account that can manage applications on the DingTalk Open Platform.
-
The operator must have the Agent Identity administrator
AliyunAgentIdentityFullAccesspermission.
Step 1: Create an OAuth application on the DingTalk Open Platform
-
Sign in to the DingTalk developer console.
-
Navigate to App Development > Internal-company Apps > DingTalk App , and then click Create App .
-
Enter the application information.
Parameter
Required
Description
App name
Yes
Enter an app name. The minimum length is 2 characters.
App description
Yes
Briefly describe the products or services the application offers. The description must be at least 4 characters long.
App icon
No
Upload an icon for the application. The icon must be a JPG or PNG file, at least 240 x 240 pixels, have a 1:1 aspect ratio, and be smaller than 2 MB. The icon must not have rounded corners.
-
Click Save to open the application details page.
-
On the application details page, in the left navigation pane, click Basic Information > Credentials and Basic Information. Copy and save the Client ID and Client Secret.
-
Navigate to App Release > Version Management and Release and click Create New Version. Enter the required information, click Save, and then release the application.
Step 2: Create an OAuth credential provider in Agent Identity
-
Sign in to the Agent Identity console. In the left navigation pane, select .
-
On the Credential Providers page, ensure the OAuth2 tab is selected.
-
Click Create Credential Provider.
-
On the Create Credential Provider page, configure the following parameters:
-
Credential provider name: The name of the OAuth credential provider.
-
Description (optional): The description of the credential provider.
-
-
In the Basic information section, copy the Callback URL.
-
In the Configuration information section, configure the following settings:
-
Provider: Select DingTalk.
-
Client ID: Paste the Client ID from Step 1.
-
Client Secret: Paste the Client Secret from Step 1.
-
-
Click Create Credential Provider.
Step 3: Update the redirect URL of the OAuth application on the DingTalk Open Platform
-
Return to the DingTalk developer console. Find the application you created, and click its name to open the details page.
-
On the application details page, in the left navigation pane, click .
-
On the Security Settings page, in the Redirect URL (Callback Domain) text box, paste the callback URL from Step 2.
-
Click Save.