Authing DocsDocuments
Concept
Guides
Development Integration
Application integration
Concept
Guides
Development Integration
Application integration
Old Version
Guides
  • Quick start

    • Authenticate your first user

      • Use the hosted login page to complete the authentication
      • Use the embedded login component to complete the authentication
      • Use API & SDK to complete authentication
      • Verify user credentials (token)
      • Authority management for users
      • Realize logout
      • Next you may need
    • Access methods for different types of applications

      • Integrate Authing in traditional Web App
      • Integrate in Single Page Application (SPA) Authing
      • Integrate in mobile terminal (iOS, Andriod) Authing
    • Console overview
  • Authenticate the user

    • Use account password authentication
    • Use SMS verification code authentication
    • Use social login authentication
    • Use scan code login authentication

      • Use self-built App to scan the code to log in to the website

        • Complete interface list
        • Custom configuration items
      • Use the mini program to scan the code to log in to the website
    • Certify in Mini Program
    • Implement single sign-on (SSO)
    • Single sign-on on the mobile terminal
    • Multi-factor authentication (MFA)

      • MFA of one-time password (TOTP) based on timestamp algorithm
      • MFA based on SMS verification code
      • MFA based on email verification code
      • Access MFA through SDK
    • Extend the authentication process

      • Add user-defined fields
      • IdToken add custom field
      • Use a custom database to authenticate users
      • Use Pipeline to extend the authentication process
      • Use Webhook to monitor authentication events
    • Personalize the guard
  • Authority management for users

    • Choose the appropriate permission model
    • Integrate RBAC permission model into your application system
    • Integrate ABAC permission model into your application system
    • Use permission group management permission resources
    • Manage resource permissions
  • Authorization

    • Inter-application authorization for user permission
    • M2M authorization
  • Manage user accounts

    • User field interpretation
    • Administrator create account
    • Manage user accounts
    • Binding account
    • Manage user's custom data
    • View user's login history
    • View the user's geographic location
    • Enhance account security
    • Manage user login status
    • Control which applications users can access
    • User groups
  • Manage User Directory

    • User Directory Configuration Item
    • Add custom user field
    • Search users
    • Use LDAP user directory
  • Management Application

    • Create Application
    • Configure login and registration method
    • Add registration agreement
    • Customize login box style
    • Become a source of federal authentication identity
    • Enable multi-factor authentication
    • Sub-account management
    • Implement single sign-on between applications
    • Manage user login status
  • Become a source of federal authentication identity

    • Become an OpenID Connect Identity Source
    • Become OAuth2.0 Identity Source
    • Become a SAML2 identity source
    • Become a CAS Identity Source
  • Connect to an external identity provider (IdP)

    • Social Identity Provider

      • WeChat QR Code on PC
      • Mini Program QR Code on PC
      • WeChat Official Accounts QR Code
      • Mobile App Use WeChat Login
      • Mobile App Use WeChat Mini Program Login
      • WeChat Web Page
      • WeChat Mini Program
      • Tencent QQ
      • Sina Weibo
      • GitHub
      • Facebook
      • Twitter
      • Google
      • Apple Mobile
      • Apple Web
      • Alipay
      • Slack
      • Gitee
      • GitLab
      • Baidu
      • NetEase YIDUN
      • QingCloud
      • Instagram
      • LinkedIn
    • Enterprise Identity Provider

      • WeCom Self-built App QR Code
      • WeCom Self-built App QR Code Login(Delegated Development Mode)
      • WeCom Service Provider App QR Code
      • WeCom Mobile
      • DingTalk H5 Micro Application (Internal Development)
      • Feishu Marketplace App
      • Feishu Custom App
      • Windows AD
      • Azure AD
      • OIDC
      • OAuth 2.0
      • LDAP
      • SAML
      • CAS
      • WeLink
    • Custom database

      • Configure database connection and scripting
      • Lazy migration of users to Authing
      • Fully use a custom database to save user data
      • Best Practice
  • Open up WeChat ecology
  • Migrate users to Authing

    • Use SDK to import users
    • Configure custom password function
    • Import users from corporate WeChat, DingTalk and other third-party identity sources
  • Management organization

    • Create or import an organization
    • Management organization
    • Manage member life cycle
    • Use LDAP protocol to open organization data to the outside world
  • Expandable capabilities

    • Use Webhook to monitor user events
    • Custom authentication process (Pipeline)

      • Create your first Pipeline function
      • Pipeline API Reference
      • Pipeline application scenario
      • Pipeline User Object
      • Pipeline Context Object
      • Use environment variables in Pipeline
      • Available Node Modules
      • How to debug
      • FAQ
      • Private deployment
    • Configure custom password function
  • Audit Log

    • Audit of user behavior
    • Audit of Administrator Behavior
  • Configure security information

    • Configure Web Security Domain
    • Configure password strength
    • Configure registration frequency limit
    • Configure the limit on the number of failed login attempts
  • Configure user pool information

    • Modify user pool basic information
    • Configure mail service and template
    • Configure SMS service and template
    • Add user pool collaboration administrator
    • Developer Configuration
  • Deployment plan

    • Basic deployment mode
    • Docker deployment mode
    • Kubernetes deployment mode
    • Custom Domain Name Configuration Scheme
  • Frequently Asked Questions FAQs

    • How to get user pool ID
    • How to get the application ID
    • How to verify user credentials (token)
    • Join table Authing in the local user and your business data
    • Impact of disabling third-party cookies on Authing
    • How to deploy a transit proxy server
  1. Guides
  2. /
  3. Authenticate the user
  4. /
  5. Use account password authentication

¶ Use Account & Password to Authenticate

Update Time: 2022-05-15 10:47:02
Edit

In Authing, account passwords are divided into the following three forms:

  1. Email + password login
  2. Username + password login
  3. Phone number + password login

When providing users with account and password authentication methods, as an IT system administrator or developer, you also need to implement the following functions:

  1. Password reset: the password can be retrieved by email verification code or SMS verification code;

  2. Modify the password: You can reset the password with the existing password. To use Authing to achieve these functions, we provide three different integrate methods:

  3. [Use Authing Hosting landing page](#Use Hosting landing page),Without a line of code, you can sample-sso.authing.cn experience。

  4. [Use Authing Embedded login component provided](#Use Embedded login component provided),It can be integrated into your web and mobile projects. You don't need to implement the login form UI yourself.

  5. [Use API & SDK](#Use -api-sdk),Authing It provides restful and graphql APIs and SDKs in more than 10 languages or frameworks. You can customize the UI and authentication process based on this.

  6. Use Authing hosted login page. No coding work needed. You can experience it through sample-sso.authing.cn.

  7. Using the embedded login component provided by Authing. It can be integrated into your web and mobile projects. You don't need to implement the login form UI yourself.

  8. Use API & SDK. Authing provides APIs in two forms, RESTFul and GraphQL, and SDKs in more than 10 languages or frameworks. You can customize the UI and authentication process based on this.

¶ Use hosted login page

¶ Registration

After the user has successfully registered, the system will send a welcome email to the user's mailbox:

You can turn off the option of registering to send welcome email in the console settings > security information > user pool security configuration, and you can also modify the default welcome email template in the console settings > message service.

After the user has successfully registered, Authing will send a verification email to the user's mailbox:

The user can verify the mailbox by clicking the verify button.

¶ Login

By default, accounts with unverified mailboxes can log in. You can also modify this configuration in the application details:

After the user logs in successfully, it will call back to the callback link you configured. You can get user information here. For details, please see: Use Authing hosted login page to authenticate.

¶ Modify password

Users can modify password in the personal center.

¶ Use embedded login component

The embedded login component and the online hosting login page are basically the same in style and interaction. The difference is that the online hosting login page is fully managed and maintained by Authing, which is completely independent of your application. The embedded login component can be integrated in your application. For detailed usage, please see: Use the embedded login component to authenticate.

。

¶ Use API & SDK

¶ Register

Language
Java
Loading...

Use 用户池 ID(UserPool ID) 和应用 ID(AppID) 初始化 Java SDK 的 AuthenticationClient:

import cn.authing.core.auth.AuthenticationClient;
// Use  AppId 和 appHost 进行初始化
AuthenticationClient authentication = new AuthenticationClient(APP_ID, APP_HOST);

authenticationClient.setSecret("AUTHING_APP_SECRET");

Use registerByEmail 方法:

String email = "test@example.com";
String password = "123456";
User user = authenticationClient.registerByEmail(new RegisterByEmailInput(email, password)).execute();

¶ Login

Language
Java
Loading...

Use 用户池 ID(UserPool ID) 和应用 ID(AppID) 初始化 Java SDK 的 AuthenticationClient:

import cn.authing.core.auth.AuthenticationClient;
// Use  AppId 和 appHost 进行初始化
AuthenticationClient authentication = new AuthenticationClient(APP_ID, APP_HOST);

authenticationClient.setSecret("AUTHING_APP_SECRET");

Use loginByEmail 方法:

String email = "test@example.com";
String password = "123456";
User user = authenticationClient.loginByEmail(new LoginByEmailInput(email, password)).execute();

¶ Reset password

Language
Java
Loading...

Use 用户池 ID(UserPool ID) 和应用 ID(AppID) 初始化 Java SDK 的 AuthenticationClient:

import cn.authing.core.auth.AuthenticationClient;
// Use  AppId 和 appHost 进行初始化
AuthenticationClient authentication = new AuthenticationClient(APP_ID, APP_HOST);

authenticationClient.setSecret("AUTHING_APP_SECRET");

Use 手机号验证码重置密码:

String phone = "phone number";
String code = "1234";
String password = "123456";
authenticationClient.resetPasswordByPhoneCode(phone, code, password).execute();

Use 邮箱验证码重置密码:

String email = "test@example.com";
String code = "1234";
String password = "123456";
authenticationClient.resetPasswordByEmailCode(email, code, password).execute();

¶ Modify password

Language
Java
Loading...

Use 用户池 ID(UserPool ID) 和应用 ID(AppID) 初始化 Java SDK 的 AuthenticationClient:

import cn.authing.core.auth.AuthenticationClient;
// Use  AppId 和 appHost 进行初始化
AuthenticationClient authentication = new AuthenticationClient(APP_ID, APP_HOST);

authenticationClient.setSecret("AUTHING_APP_SECRET");

如果用户之前没有设置过密码(比如由手机号、社会化登录等方式注册),不需要传入原始密码。

String newPassword = "123456";
User user = authenticationClient.updatePassword(newPassword).execute();

或者:

String oldPassword = "111111";
String newPassword = "123456";
User user = authenticationClient.updatePassword(newPassword, oldPassword).execute();
Prev: Authenticate the user Next: Use SMS verification code authentication
  • Use hosted login page
  • Use embedded login component
  • Use API & SDK

User identity management

Integrated third-party login
Mobile phone number flash check (opens new window)
Universal login form component
Custom authentication process

Enterprise internal management

Single Sign On
Multi-factor Authentication
Authority Management

Developers

Development Document
Framework Integration
Blog (opens new window)
GitHub (opens new window)
Community User Center (opens new window)

Company

400 888 2106
sales@authing.cn
16 / F, Block B, NORTH STAR CENTURY CENTER, Beijing(Total)
room 406, 4th floor, zone B, building 1, No. 200, Tianfu Fifth Street, Chengdu(branch)

Beijing ICP No.19051205-1

© Beijing Steamory Technology Co.