Alipay OAuth
You need an Alipay Open Platform developer account. See preparation before access.
1. Get APPID and certificates
APPID
Create an application in the Alipay Open Platform console and note the APPID. See APPID query guide.
Certificates
Generate an RSA2 key pair per Alipay docs. You get appPrivateKey.txt and appPublicKey.txt. Upload the app certificate in the Alipay app and download: alipayRootCert.crt, appCertPublicKey.crt, alipayCertPublicKey.crt.
In Casdoor Certs, create two certs:
App Cert
| Casdoor field | Value |
|---|---|
| Type | x509 |
| Certificate | content of appCertPublicKey.crt |
| Private key | content of appPrivateKey.txt |
Root Cert
| Casdoor field | Value |
|---|---|
| Type | x509 |
| Certificate | content of alipayCertPublicKey.crt |
| Private key | content of alipayRootCert.crt |
In Alipay, the callback URL must be Casdoor’s callback URL. In Casdoor, the application Redirect URL is your application’s callback URL. See Application config.
2. Create the Alipay OAuth provider in Casdoor
Providers → Add. Set Category to OAuth, Type to Alipay. Fill Client ID with the APPID and select the App Cert and Root Cert you created.
Troubleshooting
If you see "asn1: syntax error: sequence truncated" or login failures:
- App Cert: Certificate =
appCertPublicKey.crt, Private key =appPrivateKey.txt. - Root Cert: Certificate =
alipayCertPublicKey.crt, Private key =alipayRootCert.crt. - APPID matches the Alipay application.
- Callback URL is set correctly in both Alipay and Casdoor.
See Alipay Open Platform.