DingTalk OAuth
Configure DingTalk at the DingTalk Open Platform. Create or open an app and note AppKey and AppSecret (these map to Client ID and Client secret in Casdoor).
| Casdoor | DingTalk |
|---|---|
| Client ID | AppKey |
| Client secret | AppSecret |
Add the Redirect Domain: your Casdoor domain (e.g. https://your-casdoor.com).
Required permission
Enable Contact.User.Read in your DingTalk app (used for /v1.0/contact/users/me). Without it, Casdoor cannot fetch user info and sign-in will fail. Enable it under Permissions Management.
caution
Contact.User.Read must be enabled in the DingTalk application.
Username mapping
Casdoor uses DingTalk’s unionid as the username. This keeps the same user mapped across your DingTalk org even when other details change.
Add the provider in Casdoor
Create an OAuth provider, set Type to DingTalk, and enter AppKey as Client ID and AppSecret as Client secret.
