This topic was translated by AI and is currently in queue for revision by our editors. Alibaba Cloud does not guarantee the accuracy of AI-translated content. Request expedited revision
Home PageDrive and Photo ServiceDrive and Photo ServiceUser GuideAccount access
Search for Help Content

Account access

Updated at: 2025-03-19 02:02
Product
Community

Photo and Drive Service (PDS) accommodates a range of user systems, including mobile numbers, email addresses, DingTalk, RAM users, and LDAP accounts, catering to diverse business needs. The PDS API allows secure access via access tokens, either generated through an OAuth process or calculated using a custom private key, offering flexible solutions for both native and third-party user systems, such as JWT and AccessKey-based API operations.

Note

The PDS API supports access tokens for user identity verification. Access tokens can be generated in two ways: by the OAuth service after authentication for applications using PDS's OAuth user system, or using trusted private keys for applications with custom user systems.

1. PDS OAuth supported user systems

(1) Configure an OAuth user system for a domain

PDS supports the following OAuth user systems:

  • Mobile numbers: a native user system of PDS, allowing users to register and log on to applications using their mobile numbers.

  • Email addresses: another native user system of PDS, enabling users to register and log on to applications using their email addresses.

  • DingTalk: Users can log on to applications by scanning DingTalk QR codes or using DingTalk accounts and passwords.

  • RAM users: Users can access applications as Alibaba Cloud RAM users.

  • LDAP accounts: Users can access applications using LDAP accounts based on Active Directory (AD).

p1

For more information on configuring these user systems, see the following topics:

(2) Example of an OAuth logon page

Once user systems are configured for a domain, the corresponding logon methods are available on the OAuth logon page.

11

(3) Enable OAuth logon for an application

BasicUI supports OAuth logon. On the Applications tab of the domain details page, locate BasicUI and click Allow Access in the Actions column. In the confirmation message, click OK. Then, log on to BasicUI as the super administrator to sync data.

For more information on configuring OAuth logon for self-managed applications, see the following topics:

2. Custom user systems

Custom applications can calculate an access token using a trusted private key, enabling the configuration of a custom user system to access PDS. The following access solutions are provided:

(1) Use JWT (recommended)

Access is provided through a token generated by standard JWT. For more information on implementation, see JWT application access.

(2) Call AccessKey-based API operations

Access is available using a token retrieved via AccessKey-based API operations. For more information on the implementation, see AccessKey-based API access.

Previous: Global AcceleratorNext: Logon with mobile numbers
  • On this page (1, M)
  • 1. PDS OAuth supported user systems
  • 2. Custom user systems
Feedback
phone Contact Us