Overview
Configure CloudBase authentication providers: Anonymous, Username/Password, SMS, Email, WeChat, Google, and more.
Prerequisites: CloudBase environment ID (env )
Authentication Scenarios
- Get Login Strategy
Query current login configuration:
{
"params": { "EnvId": env },
"service": "lowcode",
"action": "DescribeLoginStrategy"
}
Returns LoginStrategy object or false if not configured.
- Anonymous Login
-
Get LoginStrategy (see Scenario 1)
-
Set LoginStrategy.AnonymousLogin = true (on) or false (off)
-
Update:
{
"params": { "EnvId": env, ...LoginStrategy },
"service": "lowcode",
"action": "ModifyLoginStrategy"
}
- Username/Password Login
-
Get LoginStrategy (see Scenario 1)
-
Set LoginStrategy.UserNameLogin = true (on) or false (off)
-
Update:
{
"params": { "EnvId": env, ...LoginStrategy },
"service": "lowcode",
"action": "ModifyLoginStrategy"
}
- SMS Login
-
Get LoginStrategy (see Scenario 1)
-
Modify:
-
Turn on: LoginStrategy.PhoneNumberLogin = true
-
Turn off: LoginStrategy.PhoneNumberLogin = false
-
Config (optional): LoginStrategy.SmsVerificationConfig = { Type: 'default', // 'default' or 'apis' Method: 'methodName', SmsDayLimit: 30 // -1 = unlimited }
-
Update:
{
"params": { "EnvId": env, ...LoginStrategy },
"service": "lowcode",
"action": "ModifyLoginStrategy"
}
- Email Login
Turn on (Tencent Cloud email):
{
"params": {
"EnvId": env,
"Id": "email",
"On": "TRUE",
"EmailConfig": { "On": "TRUE", "SmtpConfig": {} }
},
"service": "tcb",
"action": "ModifyProvider"
}
Turn off:
{
"params": { "EnvId": env, "Id": "email", "On": "FALSE" },
"service": "tcb",
"action": "ModifyProvider"
}
Turn on (custom SMTP):
{
"params": {
"EnvId": env,
"Id": "email",
"On": "TRUE",
"EmailConfig": {
"On": "FALSE",
"SmtpConfig": {
"AccountPassword": "password",
"AccountUsername": "username",
"SecurityMode": "SSL",
"SenderAddress": "sender@example.com",
"ServerHost": "smtp.qq.com",
"ServerPort": 465
}
}
},
"service": "tcb",
"action": "ModifyProvider"
}
- WeChat Login
- Get WeChat config:
{
"params": { "EnvId": env },
"service": "tcb",
"action": "GetProviders"
}
Filter by Id == "wx_open" , save as WeChatProvider .
Get credentials from WeChat Open Platform:
-
AppID
-
AppSecret
Update:
{
"params": {
"EnvId": env,
"Id": "wx_open",
"On": "TRUE", // "FALSE" to disable
"Config": {
...WeChatProvider.Config,
ClientId: AppID,
ClientSecret: AppSecret
}
},
"service": "tcb",
"action": "ModifyProvider"
}
- Google Login
- Get redirect URI:
{
"params": { "EnvId": env },
"service": "lowcode",
"action": "DescribeStaticDomain"
}
Save result.Data.StaticDomain as staticDomain .
Configure at Google Cloud Console:
-
Create OAuth 2.0 Client ID
-
Set redirect URI: https://{staticDomain}/__auth/
-
Get Client ID and Client Secret
Enable:
{
"params": {
"EnvId": env,
"ProviderType": "OAUTH",
"Id": "google",
"On": "TRUE", // "FALSE" to disable
"Name": { "Message": "Google" },
"Description": { "Message": "" },
"Config": {
"ClientId": Client ID,
"ClientSecret": Client Secret,
"Scope": "email openid profile",
"AuthorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"TokenEndpoint": "https://oauth2.googleapis.com/token",
"UserinfoEndpoint": "https://www.googleapis.com/oauth2/v3/userinfo",
"TokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"RequestParametersMap": {
"RegisterUserSyncScope": "syncEveryLogin",
"IsGoogle": "TRUE"
}
},
"Picture": "https://qcloudimg.tencent-cloud.cn/raw/f9131c00dcbcbccd5899a449d68da3ba.png",
"TransparentMode": "FALSE",
"ReuseUserId": "TRUE",
"AutoSignUpWithProviderUser": "TRUE"
},
"service": "tcb",
"action": "ModifyProvider"
}
- Get Publishable Key
Query existing key:
{
"params": { "EnvId": env, "KeyType": "publish_key", "PageNumber": 1, "PageSize": 10 },
"service": "lowcode",
"action": "DescribeApiKeyTokens"
}
Return PublishableKey.ApiKey if exists (filter by Name == "publish_key" ).
Create new key (if not exists):
{
"params": { "EnvId": env, "KeyType": "publish_key", "KeyName": "publish_key" },
"service": "lowcode",
"action": "CreateApiKeyToken"
}
If creation fails, direct user to: "https://tcb.cloud.tencent.com/dev?envId=`env`#/env/apikey"