Lark
Use the Lark source to replicate Approval, Base, Attendance, and Contact data from a customer-managed Lark tenant into Daspire.
Lark and Feishu appear as separate source entries in Daspire because customers configure them in different Open Platform environments. They share the same connector implementation under the hood.
Supported modules
| Module | Status | Output |
|---|---|---|
| Approval | Supported | Raw approval instance payloads, approval instance base records, approval field key/value rows, task details, and timeline details |
| Base | Supported | Base record metadata plus raw fields JSON |
| Attendance | Supported | Check-in flow records for all visible users by default, with optional employee ID filters |
| Contact | Supported | Users under the root department by default, with optional department filters |
Authentication modes
Current public setup uses BYOA / custom app credentials. Daspire does not currently provide a public Lark marketplace app that customers can install from the Lark app directory for this source.
BYOA / custom app credentials
Use this mode when the customer creates and owns the Lark Open Platform app.
Required fields:
| Field | Description |
|---|---|
| App ID | Lark Open Platform app ID |
| App Secret | Lark Open Platform app secret |
To get these values:
- Sign in to the Lark Developer Console.
- Create or open a customer-owned custom app for the Lark tenant.
- Open the app credentials page and copy the App ID and App Secret. Lark documents this as the custom-app
tenant_access_tokenflow: custom app tenant access token. - Grant the app the permissions required by the modules you plan to sync.
- Publish or enable the custom app for the tenant after the tenant administrator approves the permissions.
- Paste the App ID and App Secret into Daspire.
Daspire exchanges the app ID and app secret for a tenant access token with:
POST https://open.larksuite.com/open-apis/auth/v3/tenant_access_token/internal
The app secret is stored as an encrypted connector secret.
Store app / marketplace-ready
This mode is reserved for a Daspire-managed Lark marketplace app or private marketplace deployment. Do not choose it for normal customer-created custom apps.
Daspire does not currently expose a self-service Lark marketplace app installation flow for this source. A usable store-app setup requires:
- A Daspire-owned Lark marketplace app that has passed the Lark app directory or private deployment review.
- A tenant administrator installing that app.
- A Daspire installation callback that receives the tenant key.
- Daspire-managed app ticket, app access token, and tenant access token lifecycle automation.
Lark explains the difference between custom apps and store apps in self-built apps and store apps. The token exchange for store apps is documented in store app tenant access token.
Reserved fields:
| Field | Description |
|---|---|
| Tenant Key | Tenant key received by Daspire from a completed marketplace app installation callback |
| App Access Token | App-level token generated by the Daspire-managed marketplace app token flow |
| Tenant Access Token | Optional pre-minted tenant token from a Daspire-managed marketplace app deployment |
Customers cannot obtain these values from a BYOA/custom app in the Lark developer console. Use BYOA unless Daspire has explicitly provided marketplace installation details for your tenant.
Required permissions
Grant only the permissions required by the modules you enable.
| Module | Required Open Platform access |
|---|---|
| Approval | Read approval definitions, query approval instances, and read approval instance details |
| Base | Read Base apps, tables, views, records, and automatic record metadata |
| Attendance | Export attendance/check-in data for the configured employee ID type. Default all-user sync also needs enough Contact access to enumerate visible users. |
| Contact | Read basic contact information and the user fields you intend to sync |
If the customer uses a custom app, the app must be published or enabled for the tenant after permissions are approved.
Set up Lark in Daspire
- Select Lark from the source catalog.
- Enter a source name.
- Choose the authentication mode.
- For BYOA, enter the Lark App ID and App Secret.
- Select Approval, Bitable/Base, Attendance, Contact, or any combination.
- For Approval, enter one or more approval codes and a rolling lookback window in days.
- For Base, enter the app token, table ID, and optional view ID.
- For Attendance, optionally enter employee IDs or employee numbers to filter the sync. Leave empty to scan all users visible to the app, and choose the matching ID type.
- For Contact, optionally enter department IDs to filter the sync. Leave empty to scan from the root department, and choose the matching department and user ID types.
- Save and test the source.
Notes
- Approval sync uses an incremental cursor where Lark supports time-window filtering. A rolling lookback is used to catch updates when the upstream API does not expose a reliable updated timestamp.
- Base records preserve table fields as raw JSON. Daspire does not hardcode table-specific field names.
- Attendance and Contact are opt-in modules. When selected, they default to scanning all users and departments visible to the app; filters can narrow the scope.
- Contact enrichment is available as a connector helper for future stream enrichment. The Contact module itself emits user rows only when selected.