Set up social login with DingTalk
The official Logto connector for DingTalk social sign-in in web apps.
This guide assumes you have basic understanding of Logto Connectors. For those unfamiliar, please refer to the Connectors guide to get started.
Get started
The DingTalk web connector is designed for desktop web applications. It uses the OAuth 2.0 authentication flow.
Create a web app in the DingTalk Open Platform
Tips: You can skip some sections if you have already finished.
Register a DingTalk developer account
If you do not have a DingTalk developer account, please register at the DingTalk Open Platform.
Create an application
- In the DingTalk Open Platform "Application Development" > "Internal Enterprise Application" > "DingTalk Application", click "Create Application"
- Fill in the application name and description, and click "Save"
- In the left navigation bar, select "Development Configuration" > "Security Settings", find and configure the "Redirect URL"
${your_logto_origin}/callback/${connector_id}. You can find theconnector_idon the connector details page after adding the respective connector in the management console - In the left navigation bar, select "Basic Information" > "Credentials and Basic Information" to get the
Client IDandClient Secret
Configure permissions
In "Development Configuration" > "Permission Management", select Contact.User.Read and Contact.User.mobile permissions and authorize them
Release Application
In the left navigation bar, select "Application Release" > "Version Management and Release", create and release the first version to activate the Client ID and Client Secret
If the application does not release a version, the obtained "Client ID" and "Client Secret" cannot be used, or requests will fail.
Configure your connector
Fill out the clientId and clientSecret fields with Client ID(formerly AppKey and SuiteKey) and Client Secret(formerly AppKey and SuiteKey) you've got from OAuth app detail pages mentioned in the previous section.
scope currently supports two values: openid and openid corpid. openid allows obtaining the user's userid after authorization, while openid corpid allows obtaining both the user's id and the organization id selected during the login process. The values should be space-delimited. Note: URL encoding is required.
Config types
| Name | Type |
|---|---|
| clientId | string |
| clientSecret | string |
| scope | string |
Test DingTalk connector
That's it. The DingTalk connector should be available now. Don't forget to Enable connector in sign-in experience.
Once DingTalk web connector is enabled, you can sign in to your app again to see if it works.
Please ensure strict compliance with the usage specifications and development guidelines of the DingTalk Open Platform during the development process.
Support
If you have any questions or need further assistance, please visit the DingTalk Developer Documentation or contact DingTalk technical support.