Unified User Password Login
During the Unified User Password Login API call, different results are returned depending on configuration. On normal success, the user's session_token is returned; if password expiration check is enabled, state_token is returned; failure information is returned.
Request Description
Request Headers
| Parameter Name | Chinese Name | Required | Type | Example |
|---|---|---|---|---|
| X-operating-sys-version | Caller client OS version | Yes | String | windows10.1.1 |
| X-device-fingerprint | Caller client device fingerprint | Yes | String | 156aysdna213sc50 |
| X-device-ip | Caller client IP | No | String | 192.168.1.2 |
| X-agent | User-Agent information | Yes | String | Mozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) |
| X-L | Used for internationalization language setting | No | String | zh |
| X-client-id | Application authorization ID | Yes | String | nTo1eRIub60vPb54WeE6aojPwYwImtl4 |
| content-type | Content format type | Yes | String | application/json |
Request Example
json
{
"user_name":"test01",
"password":"123456"
}Request Parameters
| Parameter Name | Chinese Name | Required | Type | Description |
|---|---|---|---|---|
| user_name | Account | Yes | String | Account |
| password | Password | Yes | String | Password |
Response Example
Success Example1(successful match returns session_token)
HTTP/1.1 200 OK
json
{
"session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO",
"expire": 432000,
"status": "SUCCESS",
"id_token": "eyJ0NiJ9.eyJ1cI6IjIifX0.DeWt4QuZXso"
}Success Example2(returns password-about-to-expire flow)
HTTP/1.1 200 OK
json
{
"status": "PASSWORD_WARN",
"state_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![a-z0-9]+$)(?![a-z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)[a-zA-Z0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]{1,}$\",\"tip\":\"至少包含数字、大写字母、小写字母和特殊字符中的3种\"}"
}Success Example3(returns password-expired flow)
HTTP/1.1 200 OK
json
{
"status": "PASSWORD_EXPIRED",
"state_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![a-z0-9]+$)(?![a-z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)[a-zA-Z0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]{1,}$\",\"tip\":\"至少包含数字、大写字母、小写字母和特殊字符中的3种\"}"
}Error Example
HTTP/1.1 400 Bad Request
json
{
"error_code": "IDAAS.SDK.LOGIN.0002",
"error_msg": "Invalid account or password. Remaining times: 9"
}Response Parameters
| Parameter Name | Chinese Name | Type | Description |
|---|---|---|---|
| status | Login flow status identifier | String | Possible values returned by this field are as follows: SUCCESS: login successful PASSWORD_WARN: password about to expire PASSWORD_EXPIRED: password expired ACCESS_DENIED: access denied |
| expire | session_token validity period | Number | Session_token validity period. Within the validity period, session_token can be used to obtain ticket |
| session_token | User session_token | String | User session_token; this token can be used to call IDaaS APIs to obtain a new id_token |
| state_token | User state token | String | User state token |
| id_token | Short-term valid API call token | String | This field is in JWT format and contains user identity information. Refer toGet User Info from id_tokento obtain user information. The token validity period is5minutes by default and can be configured |
| data | Return description | String | Return description |
Error Codes
| Status Code | Error Codes | Chinese Error Message | English Error Message | Resolution |
|---|---|---|---|---|
| 400 | IDAAS.SDK.PARAM.0001 | 设备信息不完整 | Device information is incomplete | Please check whether the input device information is complete |
| 400 | IDAAS.SDK.PARAM.0002 | clientId不能为空 | clientId cannot be empty | Please check whether the input clientId is empty |
| 400 | IDAAS.SDK.PARAM.0003 | 应用未注册,请先注册应用 | The app is not registered, please register the app first | Please check whether the input clientId is correct |
| 400 | IDAAS.SDK.PARAM.0010 | 账号不能为空 | Account cannot be empty | Please check whether the input account is empty |
| 400 | IDAAS.SDK.USER.0006 | 密码不能为空 | Password cannot be empty | Please check whether the input password is empty |
| 400 | IDAAS.SDK.LOGIN.0001 | 由于多次登录失败,用户已被锁定。 它将在 {0} 分钟和 {1} 秒内解锁 | User has been locked out due to multiple login failures. It will be unlocked in {0} minutes and {1} seconds | Please unlock and try again |
| 400 | IDAAS.SDK.LOGIN.0002 | 无效的账号或密码。 剩余次数: | Invalid account or password. Remaining times: | Please check whether the input username or password is correct |
| 500 | IDAAS.SDK.COM.0002 | 系统繁忙,请稍后再试 | System busy, please try again later | Please call again or contact BambooCloud staff |
| 400 | IDAAS.SDK.USER.0039 | 用户已被禁用 | User is disabled | Please contact the administrator |