This document describes how to activate, start a free trial of, or purchase Alibaba Cloud IDaaS Enterprise Edition in DingTalk.
Alibaba Cloud IDaaS EIAM (Cloud Identity Service) is a cloud-native, secure, and standardized identity and permission management system from Alibaba Cloud. As part of the cloud-DingTalk integration, IDaaS is an official Alibaba Cloud security product available on the DingTalk marketplace. It helps DingTalk enterprises eliminate identity silos, implement single sign-on (SSO) for applications, and secure identities.
IDaaS offers a Free Edition and an Enterprise Edition. If you only need the Free Edition, you can access it from the Alibaba Cloud IDaaS console. To obtain the Enterprise Edition in DingTalk, see the Purchase procedure below. The Enterprise Edition offers the same product capabilities in both DingTalk and Alibaba Cloud.
Core capabilities
Enterprise identity connector
Enterprises may already use tools such as Active Directory (AD) or OpenLDAP to manage employees, permissions, computers, and networks. However, the identity data from these tools cannot be integrated with the DingTalk address book. This causes delays and inefficiencies in the flow of employee account data.
The free features of IDaaS allow you to synchronize account and organization data from systems such as AD and OpenLDAP to DingTalk. When an upstream employee joins or leaves the company, the DingTalk address book is automatically updated. This ensures that a single change is effective everywhere.
You can configure this scenario on the user interface without any development.
Enterprise application pass
In daily operations, enterprises use various Software as a Service (SaaS), open-source, and self-developed applications. Some applications are difficult to integrate with the DingTalk workbench for single sign-on. This results in an incomplete set of applications on the DingTalk workbench, and employees still need to remember multiple sets of account credentials.
IDaaS acts as an enterprise application pass, extending DingTalk's SSO capabilities. It helps you integrate hundreds of mainstream applications into the DingTalk workbench without development. Employees need only one account to access all authorized enterprise applications without a password. This provides one account for access everywhere.
Enterprise security shield
Data is a vital enterprise asset, and identity is the key to accessing it. Protecting identities is fundamental to enterprise security. In addition to being an identity connector and application pass, IDaaS also serves as an enterprise security shield. It consolidates complex application usage and management workflows into four unified nodes. Each node has built-in security features to provide multi-layered protection, including pre-event prevention, in-event blocking, and post-event tracing.
Purchase procedure
IDaaS offers a Free Edition and an Enterprise Edition. If you only need the Free Edition, you can access it from the Alibaba Cloud IDaaS console. To obtain the Enterprise Edition in DingTalk, follow the steps below. The Enterprise Edition offers the same product capabilities in both DingTalk and Alibaba Cloud.
Step 1: Activate IDaaS in DingTalk
On the and find Alibaba Cloud IDaaS, or search for it directly. Go to the product page and activate the application for free.
This operation requires the DingTalk PC client.
Step 2: Get an activation code
When a DingTalk administrator opens the IDaaS application, the IDaaS Activation Code Management page appears by default. Users who are not DingTalk administrators cannot open this page.
On this page, you can purchase or start a free trial to obtain an activation code. If you purchase an activation code, you can also renew or upgrade it on this page later.
The activation code is a random number that refreshes hourly. You can copy it from the right side of the list.
Step 3: Create an IDaaS instance
Go to the Alibaba Cloud IDaaS console and create a free instance under EIAM Cloud Identity Service. After the instance is created, click Access Console to open the instance.
Step 4: Activate the IDaaS instance
On the Quick Start page of the instance, click Use Activation Code in the lower-right corner. Enter the activation code that you obtained from DingTalk. Click OK to upgrade the IDaaS instance to the trial or Enterprise Edition.
After the upgrade is complete, you can start configuring identity management. You can test the core features of IDaaS by following the instructions in Create an account. These features include synchronizing AD accounts to DingTalk, logging on with a DingTalk QR code, and using SSO for workbench applications.
Renewal/Upgrade procedure
When a DingTalk administrator opens the IDaaS application in DingTalk, the IDaaS Activation Code Management page appears by default. If you cannot open this page, contact a DingTalk administrator to grant you the required permissions.
On this page, you can purchase an activation code. This action opens the purchase page.
If you have an Enterprise Edition activation code with a Normal status, purchasing an activation code with the same specifications is considered a renewal. Purchasing an activation code with higher specifications is considered an upgrade. Both actions apply to this activation code.
If you do not have an Enterprise Edition activation code with a Normal status, purchasing an activation code is considered a new purchase. You must go to the Alibaba Cloud IDaaS console again to activate the IDaaS instance.