Actions10
- Api Access Token Actions
- Store App Actions
- Custom App Actions
- User ID Actions
Overview
This node handles user authentication requests for the Lark platform, specifically supporting the operation to request user authentication via a browser-based flow. It facilitates obtaining user authorization by redirecting users to an authentication URL with necessary parameters such as app ID, redirect URI, and state. This is useful in scenarios where you need to integrate Lark's OAuth2 or tenant token-based authentication into your workflows, enabling secure access to user data or APIs on behalf of the user.
Practical examples include:
- Initiating an OAuth2 login flow for users to grant permissions.
- Requesting tenant-level tokens for server-to-server communication.
- Redirecting users to authenticate and then capturing the returned authorization code.
Properties
| Name | Meaning |
|---|---|
| Authentication | Method of authentication to use: either "Tenant Token" (server-to-server) or "OAuth2". |
| Redirect Uri | The URI to which the user will be redirected after authentication completes. |
| App Id | The application identifier registered with Lark, used to identify the client app. |
| State | An optional string to maintain state between the request and callback, often used for CSRF protection or session identification. |
| Options | Additional options; currently supports: |
| - Use Custom Body | Boolean flag indicating whether to send a custom request body instead of default parameters. |
Output
The node outputs JSON data representing the response from the Lark authentication endpoint. This typically includes information such as authorization URLs, tokens, or error messages depending on the authentication method and stage of the flow.
If binary data were involved (not indicated here), it would represent files or other media related to authentication, but this node focuses on JSON responses.
Dependencies
- Requires configuration of either a tenant token credential or an OAuth2 credential for authenticating API requests.
- Needs proper setup of the base URL (
https://open.larksuite.com) and HTTP headers for JSON communication. - The node depends on external Lark services for authentication flows.
Troubleshooting
- Common issues:
- Incorrect or missing
App IdorRedirect Urican cause authentication failures. - Mismatched
stateparameter may lead to security warnings or rejected callbacks. - Using the wrong authentication method for the scenario (e.g., OAuth2 when tenant token is required) will result in errors.
- Incorrect or missing
- Error messages:
- Authorization errors usually indicate invalid credentials or misconfigured app settings.
- Network or timeout errors suggest connectivity problems with Lark's API endpoints.
- Resolutions:
- Verify all input properties are correctly set and correspond to your Lark app registration.
- Ensure credentials are valid and have appropriate permissions.
- Check network connectivity and API endpoint availability.