竹云IDaaS•开放平台
员工身份(EIAM)

用户名+密码登录接口

接口

用户名密码登录接口调用过程中,根据配置返回不同结果。正常调用成功会返回用户的session_token,开启密码过期检查或二次认证会返回state_token,失败返回失败信息。

# 请求说明

请求地址 https://{your_domain}/api/v2/sdk/login

请求方式 POST

请求类型 application/json

# 请求Header头参数

参数名 中文名称 必须 类型 示例
X-operating-sys-version 调用方操作系统版本 String windows10.1.1
X-device-fingerprint 调用方设备指纹 String 156aysdna213sc50
X-device-ip 调用方IP String 192.168.1.2
X-agent User-Agent信息 String Mozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) AppleWebKit/605.1.15(KHTML, like Gecko)
Mobile/15E148/HuaWei-AnyOffice/2.6.1802.0010/com.huawei.cloudlink.workplace
X-L 用于国际化语言设置 String zh
X-client-id 应用授权ID String nTo1eRIub60vPb54WeE6aojPwYwImtl4

# 请求包体示例

{
    "user_name":"test01",
    "password":"123456"
}
1
2
3
4

# 请求参数

参数名 中文名称 必须 类型 描述
user_name 用户名 String 用户名
password 密码 String 密码

# 返回示例

成功示例1(成功匹配用户返回session_token):
HTTP/1.1 200 OK
Content-Type: application/json
{
    "session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO",
    "expire": 604800,
    "status": "SUCCESS",
    "id_token": "eyJraWQiOiJrMSIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJJc3N1ZXIiLCJhdWQiOiJBdWRpZW5jZSIsImV4cCI6MTY1MzQ4NDQxMiwianRpIjoieUxSVGZXY1VkYk9PeUFpbHdZU0ZqZyIsImlhdCI6MTY1MzQ2NjQxMiwibmJmIjoxNjUzNDY2MjkyLCJzdWIiOiJzdWJqZWN0IiwiYXBpIjoie1wibmFtZVwiOlwiXCIsXCJtb2JpbGVcIjpcIis4Ni0xNTkwNzEzMjg1MlwiLFwiaWRcIjpcIjIwMjIwNDI1MTQwMTM4NTE5LUJGMUItNTI4QjA1NTFCXCIsXCJ1c2VyTmFtZVwiOlwibG91eGlcIixcImVtYWlsXCI6XCIxMUBxcS5jb21cIn0ifQ.al79knH1fKa4aT4AFr_FMjqBKu2pV_g-lKzzgHzmor5X-dHwSBUtjH38KOzjIqHvkcRMjXQuBnWmjRI7-0Djn2LuWVueaf3wRXLscCWiSDC7chjUyTRXMatYINxdvW-oSWFYGFqqbdsavLqOnvehd7ahEaTuiL9yZolvslZIkIxjxBJJu7A9Ln2sk3wf9pxXU83jIJ8ubPQBoVS-ilerTTJOKDZ9XsL2ftJsaqdTJK_mYbvKaVpLIVyHHJ2NcF6f-Al4N4kc8cgxtSgSKFDcR7Bz7dYlOcfUXCPAzJ3NZInm8UaksiWU02tvlvTRvRdoxZNnvD5vamZ5hjFc-cW5jA"
}
成功示例2(返回密码快过期流程):
HTTP/1.1 200 OK
Content-Type: application/json
{
    "status": "PASSWORD_WARN",
	"state_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ7XCJ1c2VySWRcIjpcIjIwMjIwMjExMTY0NDUwNjk5LTE2M0QtNTVFMEI1RTRCXCIsXCJzdGF0dXNcIjpcIlBBU1NXT1JEX0VYUElSRURcIn0iLCJleHAiOjE2NDQ1NzEzNjAsImlhdCI6MTY0NDU2OTU2MCwianRpIjoiMTY0NDU2OTU2MDIwNDAifQ.WGk9GGQGmKsmo4UmCzKfiC9x1Fj0WBowdO7jEStMvB4",
	"data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^.{8,18}$\",\"tip\":\"密码长度在8至18之间\",\"verifyTypes\":{\"PWD\":null,\"MOBILE\":\"+86-130****1234\",\"EMAIL\":\"****@qq.com\"}}"
}
成功示例3(返回密码已过期流程):
HTTP/1.1 200 OK
Content-Type: application/json
{
    "status": "PASSWORD_EXPIRED",
    "state_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZWN0Ijoie1wic3RhdGVcIjpcIlBBU1NXT1JEX1dBUk5cIixcInVzZXJJZFwiOlwiMjAyMTA3MjYxNzQwNTgxNDUtOTFCQy0xM0UwMTRBQkJcIn0iLCJpZCI6IjIwMjEwNzI2MTc0MDU4MTQ1LTkxQkMtMTNFMDE0QUJCIiwiZXhwIjoxNjI43MTkwLCJpYXQiOjEasd2Mjg4NDY1OTB9.-egHWNfNPIxNnM540_wTYMtFwB4C9ymznEPRiIC4we0",
    "data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^.{8,18}$\",\"tip\":\"密码长度在8至18之间\",\"verifyTypes\":{\"PWD\":null,\"MOBILE\":\"+86-130****1234\",\"EMAIL\":\"****@qq.com\"}}"
}
成功示例4(返回二次认证流程):
HTTP/1.1 200 OK
Content-Type: application/json
{
    "status": "MFA_AUTH",
    "state_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZWN0Ijoie1wic3RhdGVcIjpcIlBBU1NXT1JEX1dBUk5cIixcInVzZXJJZFwiOlwiMjAyMTA3MjYxNzQwNTgxNDUtOTFCQy0xM0UwMTRBQkJcIn0iLCJpZCI6IjIwMjEwNzI2MTc0MDU4MTQ1LTkxQkMtMTNFMDE0QUJCIiwiZXhwIjoxNjI43MTkwLCJpYXQiOjEasd2Mjg4NDY1OTB9.-egHWNfNPIxNnM540_wTYMtFwB4C9ymznEPRiIC4we0",
    "data": "[\"SMS\",\"EMAIL\"]"
}
成功示例5(返回拒绝访问流程):
HTTP/1.1 200 OK
Content-Type: application/json
{
    "status": "ACCESS_DENIED",
    "state_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZWN0Ijoie1wic3RhdGVcIjpcIlBBU1NXT1JEX1dBUk5cIixcInVzZXJJZFwiOlwiMjAyMTA3MjYxNzQwNTgxNDUtOTFCQy0xM0UwMTRBQkJcIn0iLCJpZCI6IjIwMjEwNzI2MTc0MDU4MTQ1LTkxQkMtMTNFMDE0QUJCIiwiZXhwIjoxNjI43MTkwLCJpYXQiOjEasd2Mjg4NDY1OTB9.-egHWNfNPIxNnM540_wTYMtFwB4C9ymznEPRiIC4we0",
    "data": "拒绝访问"
}
错误示例:
HTTP/1.1 400 Bad Request
{
    "error_code": "SDK.COMMON.1001",
    "error_msg": "Parameter X-client-id cannot be left blank."
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

# 返回参数

参数名 中文名称 类型 描述
status 登录流程状态标识 String 该字段可能返回的值如下
  • SUCCESS = 登录成功
  • PASSWORD_WARN = 密码快过期
  • PASSWORD_EXPIRED = 密码已过期
  • MFA_AUTH = 二次认证
  • ACCESS_DENIED = 拒绝访问
    • expire session_token有效期 Number session_token有效期,有效期内可使用session_token获取ticket
    session_token 用户session_token String 用户session_token,可使用该token调用IDaaS接口获取ticket,ticket可以换取用户信息
    state_token 用户带有状态的令牌 String 用户带有状态的令牌
    data 返回说明 String 返回说明
  • status = PASSWORD_WARN/PASSWORD_EXPIRED,返回密码长度规则,以及修改密码支持的方式verifyTypes,PWD:密码,MOBILE:手机号,EMAIL:邮箱
  • status = MFA_AUTH,返回二次认证的方式
  • status = ACCESS_DENIED,返回拒绝访问
    • id_token 短期有效,接口调用凭证 String 该字段是一个jwt,保存了用户信息以及应用的scope信息需要验签后获取,默认2小时有效,支持可配置

    手机号+密码登录接口