Connected Identity Authentication
# Description
Connected Identity Authentication
# Request Specification
Method: POST + application/json
Endpoint: https://${cloud domain}/er/oauth/getUserInfoByCode?thirdTraceId=${Random String}
Headers: Refer to Common Parameters
# Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| grantType | String | Yes | Authorization mode, value for this API: authorization_code |
| appId | String | Yes | Self-built application's appId |
| appSecret | String | Yes | Self-built application's appSecret |
| redirectUrl | String | Yes | Third-party login URL |
| code | String | Yes | Code returned after successful login (see Special Notes) |
| mapperObjectApiName | String | No | AccountObj: Associated customer; PartnerObj: Associated partner |
# Request Example
```json
{
  "mapperObjectApiName": "xxxxx",
  "redirectUrl": "xxxxx",
  "code": "xxxxx",
  "appId": "xxxxx",
  "appSecret": "xxxxx",
  "grantType": "authorization_code"
}
```
# Response Parameters
| Parameter | Type | Description |
|---|---|---|
| traceId | string | Unique request ID |
| errorDescription | string | Error description |
| errorMessage | string | Error message |
| errorCode | Int | Error code; see the error codes reference |
# Response Example
```json
{
  "traceId": "E-O.827xxxxxx",
  "errorDescription": "success",
  "errorMessage": "OK",
  "errorCode": 0
}
```
# Notes
- Do not base program logic on the errorMessage field in the response, because its text may change.
# Special Notes
# Accessing Third-party Systems via Existing Connected Apps
Embed the following URL in connected applications:
https://{Fxiaoke Open Platform Domain}/er/oauth/authorize?responseType=code&erAppId=xxxx&appId=FSAID_xxx&state=xxx&redirectUrl={urlencoded third-party page URL}
| Parameter | Type | Required | Description |
|---|---|---|---|
| erAppId | String | Yes | Connected application's appId |
| appId | String | Yes | Self-built application's appId |
| redirectUrl | String | Yes | Callback URL |
| responseType | String | Yes | Fixed value: code |
| state | String | Yes | Client-side state value, 8-128 digits or characters. Used by third-party apps to prevent CSRF attacks; it is returned unchanged upon successful authorization |
After the user clicks this URL, the page redirects to the redirectUrl with a code parameter, e.g.:
https://{third-party system URL}?code=xxxxxx
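
An added example, not from the original page or Fxiaoke's own code: a server-side callback handler for the flow above that checks `state` against the session before redeeming `code` at `getUserInfoByCode`, and branches on `errorCode` rather than `errorMessage`. The function names, the `cfg` dictionary, the `state` query parameter name on the callback and the injectable `transport` are assumptions; the common headers are not listed on this page and the optional `mapperObjectApiName` is omitted.

```python
import hmac
import json
import secrets
import urllib.request
from urllib.parse import urlencode

def new_state():
    """Unguessable per-session value: 32 hex characters, inside the documented 8-128 range."""
    return secrets.token_hex(16)

def authorize_url(domain, er_app_id, app_id, redirect_url, state):
    """Build the /er/oauth/authorize link with every value percent-encoded."""
    query = urlencode({"responseType": "code", "erAppId": er_app_id, "appId": app_id,
                       "state": state, "redirectUrl": redirect_url})
    return f"https://{domain}/er/oauth/authorize?{query}"

def post_json(url, body, headers=None):
    """Default transport; the common headers are not listed on this page, so pass them in."""
    req = urllib.request.Request(url, data=json.dumps(body).encode(), method="POST",
                                 headers={"Content-Type": "application/json", **(headers or {})})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def handle_callback(params, session_state, cfg, transport=post_json):
    """Validate the redirect, then redeem the code from the server side only.

    params: callback query parameters (assumed to carry `code` and `state`).
    session_state: value stored in the user's session when the link was issued.
    cfg: dict with cloud_domain, app_id, app_secret, redirect_url (hypothetical shape).
    """
    returned = params.get("state", "")
    if not session_state or not hmac.compare_digest(returned.encode(), session_state.encode()):
        raise PermissionError("state mismatch: callback was not started by this session")
    code = params.get("code")
    if not code:
        raise ValueError("callback carries no code")
    url = (f"https://{cfg['cloud_domain']}/er/oauth/getUserInfoByCode"
           f"?thirdTraceId={secrets.token_hex(16)}")
    body = {"grantType": "authorization_code", "appId": cfg["app_id"],
            "appSecret": cfg["app_secret"], "redirectUrl": cfg["redirect_url"], "code": code}
    result = transport(url, body)
    # Branch on errorCode only; the errorMessage text may change.
    if result.get("errorCode") != 0:
        raise RuntimeError(f"exchange failed: errorCode={result.get('errorCode')} "
                           f"traceId={result.get('traceId')}")
    return result
```

Because `appSecret` travels in the request body, this exchange belongs on the backend; the browser should only ever see the authorize link and the callback redirect.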
# Accessing Third-party Systems via Self-built Connected Apps
Steps:
1. Prepare a callback URL, e.g. https://www.xxx.com/callback
2. Contact Fxiaoke support to create a connected application for SSO in the upstream system
3. In the upstream enterprise's connected applications, authorize this connected application to the downstream enterprise for login
4. When the downstream enterprise clicks to log in, it will redirect to the callback URL configured in step 1 and pass a code parameter (expires in 10 minutes). E.g.: https://www.xxx.com/callback?code=xxxx