Alipay OAuth
Add Alipay as an OAuth provider (certificate-based).
You need an Alipay Open Platform developer account. See preparation before access.
Get APPID and certificates
APPID
Create an application in the Alipay Open Platform console and note the APPID. See APPID query guide.
Certificates
Generate an RSA2 key pair per Alipay docs. You get appPrivateKey.txt and appPublicKey.txt. Upload the app certificate in the Alipay app and download: alipayRootCert.crt, appCertPublicKey.crt, alipayCertPublicKey.crt.
In Hanzo IAM Certs, create two certs:
App Cert
| Hanzo IAM field | Value |
|---|---|
| Type | x509 |
| Certificate | content of appCertPublicKey.crt |
| Private key | content of appPrivateKey.txt |
Root Cert
| Hanzo IAM field | Value |
|---|---|
| Type | x509 |
| Certificate | content of alipayCertPublicKey.crt |
| Private key | content of alipayRootCert.crt |
:::info
In Alipay, the callback URL must be Hanzo IAM’s callback URL. In Hanzo IAM, the application Redirect URL is your application’s callback URL. See Application config.
:::
Create the Alipay OAuth provider in Hanzo IAM
Providers → Add. Set Category to OAuth, Type to Alipay. Fill Client ID with the APPID and select the App Cert and Root Cert you created.
Troubleshooting
If you see "asn1: syntax error: sequence truncated" or login failures, verify the following:
- App Cert: Certificate = appCertPublicKey.crt, Private key = appPrivateKey.txt.
- Root Cert: Certificate = alipayCertPublicKey.crt, Private key = alipayRootCert.crt.
- APPID matches the Alipay application.
- Callback URL is set correctly in both Alipay and Hanzo IAM.
See Alipay Open Platform.
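A cut-off or partially pasted certificate is one way to end up with an ASN.1 parse error, so it helps to check the downloaded .crt files before copying their content into the Cert fields. The following is an added example, not Hanzo IAM or Alipay code: the helper name `CheckPEM` is hypothetical, and it assumes the .crt files are PEM-encoded. It only checks structure (each PEM block holds one complete DER SEQUENCE), so it does not depend on the certificate's key or signature algorithm.

```go
package main

import (
	"bytes"
	"encoding/asn1"
	"encoding/pem"
	"fmt"
	"os"
)

// CheckPEM (hypothetical helper) counts the PEM blocks in data and verifies that
// each holds one complete DER SEQUENCE. Structural only: no signature or expiry check.
func CheckPEM(data []byte) (int, error) {
	n := 0
	for {
		block, rest := pem.Decode(data)
		if block == nil {
			break
		}
		var v asn1.RawValue
		extra, err := asn1.Unmarshal(block.Bytes, &v)
		switch {
		case err != nil: // declared DER length exceeds the bytes present
			return n, fmt.Errorf("block %d: %w", n+1, err)
		case v.Class != asn1.ClassUniversal || v.Tag != asn1.TagSequence || !v.IsCompound:
			return n, fmt.Errorf("block %d: outer element is not a DER SEQUENCE", n+1)
		case len(extra) != 0:
			return n, fmt.Errorf("block %d: %d trailing bytes after DER", n+1, len(extra))
		}
		n, data = n+1, rest
	}
	if len(bytes.TrimSpace(data)) != 0 {
		return n, fmt.Errorf("leftover text that is not a complete PEM block (cut-off paste?)")
	}
	if n == 0 {
		return 0, fmt.Errorf("no PEM block found")
	}
	return n, nil
}

func main() {
	for _, path := range os.Args[1:] { // pass the downloaded .crt files as arguments
		data, err := os.ReadFile(path)
		if err == nil {
			_, err = CheckPEM(data)
		}
		fmt.Printf("%s: %v\n", path, err)
	}
}
```

A file that passes prints `<nil>` after its name; any other output describes which block is damaged.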