alipay.intl.oauth.auth.applyToken
API Overview
name: alipay.intl.oauth.auth.applyToken
version: 2.0.0
endpoint: https://open.alipay.hk/api/alipay/intl/oauth/auth/applyToken.htm
description: The API is used by the merchant to get access token from the authSite.
This openAPI can be used together with 'my.getAuthCode' and the jsapi will return the authCode to the merchant. The merchant can invoke this applyToken API call with 'authCode' . The accessToken will be granted by the site only if the 'authCode' is correct. The merchant can also integrate the 'auth.notify' to get the accessToken.
Function Logic
Request Parameter
Header
No | Name | Description | Type | Length | Required | Remarks | Condition | Sample |
1 | version | API version | string | 8 | ME | As per the respective API reference | 2.0.0 | |
2 | function | API interface | string | 128 | ME | According to specifications defined by each business domain | alipay.intl.function | |
3 | clientId | Client ID | string | 32 | ME | Provided by Alipay, used to identify partner and application system | 211020000000000000044 | |
4 | reqTime | Request time | datetime | / | M | DateTime with timezone, which follows the ISO-8601 standard.Refer to: RFC 3339 Section 5.6 | 2001-07-04T12:08:56+05:30 | |
5 | reqMsgId | Request message ID | string | 64 | ME | Each request will be assigned with a unique id (uuid).The reqMsgId identify an unique system request, it is not used to identity an unique business request. | 1234567asdfasdf1123fda | |
6 | reserve | Reserved for future implementation | string | 256 | O | Key/Value | {} |
Body
No | Name | Description | Type | Length | Required | Remarks | Condition | Sample |
1 | grantType | Grant type. The accessToken could be granted by authCode or refreshToken. | enum<[OAuthGrantTypeEnum](data_structure/02. OAuth Domain Structure.htm#OAuthGrantTypeEnum)> | 64 | M | AUTHORIZATION_CODE | ||
2 | authMerchantId | Auth merchant ID. The auth merchant can be authorized by the user to access user resources. | string | 64 | M | 218820000000000000023 | ||
3 | authSite | The site which can authorize the user. | enum<[SiteEnum](data_structure/00. Global Common Structure.htm#SiteEnum)> | 64 | M | ALIPAY_CN | ||
4 | authCode | An authorization code which the caller can used to obtain an access token. | string | 64 | C | Authentication code. The authCode is generated by the authSite and returned to the merchant. | y: (grantType = AUTHORIZATION_CODE) | 4b203fe6c11548bcabd8da5bb087a83b |
5 | verifyCode | Verify code | string | 64 | O | y: (if authCode is collected through ‘auth.applyCode’ API call.)The verifyCode is only needed when the authCode is generated through ‘auth.applyCode’ API call. | y: (grantType = AUTHORIZATION_CODE) | 934754 |
6 | refreshToken | Refresh token, which is used to refresh the access token. | string | 64 | C | y: (grantType = REFRESH_TOKEN) | 201208134b203fe6c11548bcabd8da5bb087a83b |
Response Parameter
Header
No | Name | Description | Type | Length | Required | Remarks | Condition | Sample |
1 | version | API version | string | 8 | ME | As per the respective API reference | 2.0.0 | |
2 | function | API interface | string | 128 | ME | According to specifications defined by each business domain | alipay.intl.function | |
3 | clientId | Client ID | string | 32 | ME | Provided by Alipay, used to identify partner and application system | 211020000000000000044 | |
4 | respTime | Response time | datetime | / | M | DateTime with timezone, which follows the ISO-8601 standard. Refer to: RFC 3339 Section 5.6 | 2001-07-04T12:08:56+05:30 | |
5 | reqMsgId | Request message ID | string | 64 | ME | Each request will be assigned with a unique id (uuid). | 1234567asdfasdf1123fda | |
6 | reserve | Reserved for future implementation | string | 256 | O | Key/Value | {} |
Body
No | Name | Description | Type | Length | Required | Remarks | Condition | Sample |
1 | resultInfo | Result info | [ResultInfo](data_structure/00. Global Common Structure.htm#ResultInfo) | / | M | { "resultStatus": "S", "resultCodeId": "00000000", "resultCode":"SUCCESS", "resultMsg": "result message" } | ||
2 | accessTokenInfo | The detailed accessToken information. | [AccessTokenInfo](data_structure/02. OAuth Domain Structure.htm#AccessTokenInfo) | / | C | y: (resultInfo.resultCode = SUCCESS) | { "accessToken": "publicpBa869cad0990e4e17a57ecf7c5469a4b2", "expiresIn": "2001-07-04T12:08:56+05:30", "refreshToken":"201510BB0c409dd5758b4d939d4008a525463X62", "reExpiresIn": "2001-07-04T12:08:56+05:30", "tokenStatus":"ACTIVE" } | |
3 | authSiteUserId | The parameter identifies the unique user id within the authSite. Recommend to provide. | string | 64 | C | y: (&(resultInfo.resultCode = SUCCESS)(authSiteCanProvide = true)) | 2088455609687485 |
Request Sample
{
"request":{
"head":{
"version":"2.0.0",
"function":"alipay.intl.oauth.auth.applyToken",
"clientId":"211020000000000000044",
"reqTime":"2001-07-04T12:08:56+05:30",
"reqMsgId":"1234567asdfasdf1123fda",
"reserve":"{}"
},
"body":{
"grantType":"AUTHORIZATION_CODE",
"authMerchantId":"218820000000000000023",
"authSite":"ALIPAY_CN",
"authCode":"4b203fe6c11548bcabd8da5bb087a83b",
"verifyCode":"934754"
}
},
"signature":"signature string"
}Response Sample
{
"response":{
"head":{
"version":"2.0.0",
"function":"alipay.intl.oauth.auth.applyToken",
"clientId":"211020000000000000044",
"respTime":"2001-07-04T12:08:56+05:30",
"reqMsgId":"1234567asdfasdf1123fda",
"reserve":"{}"
},
"body":{
"resultInfo":{
"resultStatus":"S",
"resultCodeId":"00000000",
"resultCode":"SUCCESS",
"resultMsg":"success"
},
"accessTokenInfo":{
"accessToken":"publicpBa869cad0990e4e17a57ecf7c5469a4b2",
"tokenStatus":"ACTIVE"
}
}
},
"signature":"signature string"
}Result Info
No | ResultCodeId | ResultCode | ResultStatus | Remarks |
1 | 00000011 | RISK_REJECT | F | Risk reject |
2 | 12002005 | USER_NOT_EXIST | F | User does not exist |
3 | 12002006 | USER_STATUS_ABNORMAL | F | User status is not normal. |
4 | 12002027 | OTP_VERIFY_TIMES_EXCEED_LIMIT | F | Verify code failed too many times, user must get a new code. |
5 | 12002026 | OTP_VERIFY_UNMATCHED | F | Verify code invalid |
6 | 12014174 | AUTH_CODE_INVALID | F | authCode is invalid |
7 | 12014175 | REFRESH_TOKEN_INVALID | F | Refresh token is invalid |
Basic Result Code: The following global result codes might be returned for all APIs.
No | ResultCodeId | ResultCode | ResultStatus | Remarks |
1 | 00000000 | SUCCESS | S | Success |
2 | 00000019 | PROCESS_FAIL | F | General business failure. No retry. |
3 | 00000901 | UNKNOWN_EXCEPTION | U | API failed due to unknown reason. |
4 | 00000004 | PARAM_ILLEGAL | F | Illegal parameters. For example, non-numeric input, invalid date. |
5 | 00000007 | INVALID_SIGNATURE | F | Signature is invalid. |
6 | 00000008 | KEY_NO_FOUND | F | Key is not found. |
7 | 00000013 | NO_INTERFACE_DEF | F | API is not defined |
8 | 00000014 | API_IS_INVALID | F | API is invalid (or not active) |
9 | 00000016 | OAUTH_FAILED | F | oAuth authentication failed |
10 | 00000021 | ACCESS_DENIED | F | Access denied |
11 | 12014152 | CLIENT_FORBIDDEN_ACCESS_API | F | Client is not authorized to use this API |
12 | 12014155 | UNKNOWN_CLIENT | F | Unknown client |
13 | 12014156 | INVALID_CLIENT_STATUS | F | Invalid client status |
14 | 00000024 | REQUEST_TRAFFIC_EXCEED_LIMIT | F | The request traffic exceeds the limit. |