Target audience
This document is intended for developers of the following app types:- Internal app: An app developed by an organization for use only by its own employees.
- Third-party enterprise app (ISV app): A SaaS app developed by a third-party service provider and installed by multiple enterprise customers.
- App management backend system: A configuration and management system that the Organization Admin accesses directly from the DingTalk admin console.
Supported silent login scenarios
- Silent login for web apps (H5 micro apps)
- Silent login for the app management backend
-
Web-based sign-in to an app (sign in to a third-party website)
-
In-browser implementation
- Scan QR Code sign-in
- Sign in with a DingTalk account and password
-
In-browser implementation
Silent login for internal apps
When an enterprise developer builds an internal app, employees can use the app within DingTalk and sign in to the system automatically without entering an account or password. For the silent login steps, see Silent login for web apps (H5 micro apps).| Step | Description |
|---|---|
| Step 1: Obtain the silent login authorization code. | Mini program development is not supported on the PC. To build a PC app, use the Micro app development approach. |
| Step 2: Obtain the access_token. | Call the Obtain the access token of an internal app API. |
| Step 3: Obtain the user ID. | Call the Obtain user information by using the silent login code API to obtain the user ID. |
| Step 4: Obtain user details. | Call the Query user details API to obtain user details. |
| Step | Description |
|---|---|
| Step 1: Obtain the silent login authorization code. | Mini program development is not supported on the PC. To build a PC app, use the Micro app development approach. |
| Step 2: Obtain the access_token. | Call the API to obtain the access token of an organization authorized for a third-party app. |
| Step 3: Obtain the user ID. | Call the Obtain user information by using the silent login code API to obtain the user ID. |
| Step 4: Obtain user details. | Call the Query user details API to obtain user details. |
Silent login for the app management backend
If your app requires the Organization Admin to perform configuration and management tasks in the DingTalk admin console, you need to build a backend management system for the app. The Admin can then click the app management backend directly in the DingTalk admin console and sign in to your backend system automatically, without entering an account or password. For the silent login steps, see Silent login for the app management backend.| Step | Description |
|---|---|
| Step 1: Obtain the silent login authorization code. | After the Organization Admin signs in to the DingTalk admin console and clicks the app on the Workbench, the page is redirected to the app’s backend URL, and DingTalk appends a code parameter to that URL. Save the code parameter value for use in later steps. |
| Step 2: Obtain the access_token for silent login to the app backend. | Call the API to obtain the access token for silent login to the micro app backend, and use it as the access_token for silent login to the app backend. |
| Step 3: Obtain the identity information of the app Admin. | Use the code obtained in Step 1 and the access_token obtained in Step 2 to exchange for the identity information of the app Admin. For details, see Obtain user information for silent login to the app management backend. |