# OAuth Authorization
## Step 1
## OAuth authorization login page (accessed in browser)
`GET` `https://service.xxx.com/platform/login.html`
The final login page is stitched together as : After successful login with code redirect to redirectUrl
#### Query Parameters
| Name | Type | Description |
| --------------------------------------------- | ------ | ------------------------------------------------- |
| appKey\* | String | Merchant AppKey |
| redirectUrl\* | String | Jump to page after successful authorization login |
| state | String | Merchant incoming status field |
{% tabs %}
{% tab title="200: OK " %}
```javascript
{
// Response
}
```
{% endtab %}
{% endtabs %}
#### parameters:
| name | type | required | example | Description |
| ----------- | ------ | -------- | -------------------------------------------------------------------------------------------------------------- | ------------------------------------------------- |
| appKey | string | YES | xxx\_xxx | Merchant AppKey |
| redirectUrl | string | YES | The page to redirect to after successful authorization login should be consistent with the merchant's backend. | Jump to page after successful authorization login |
## Step 2
## Get token and openId by code
`POST` `https://service.xxx.com/platformapi/chainup/open/auth/token`
It is necessary to package the data in the parameter table into JSON strings and use rsa for parameter encryption and signature as data and sign in the body
#### Request Body
| Name | Type | Description |
| ----------------------------------------- | ------ | --------------- |
| app\_id\* | String | Merchant AppKey |
| time\* | String | timestemp |
| sign\* | String | |
| data | String | |
{% tabs %}
{% tab title="200: OK " %}
```javascript
{
"code": "", //Return code
"msg": "", //Success or failure message
"data": "",
"sign": ""
}
data:
{
"openId":"xxxx", //The unique openId of the merchant to which the authorized user belongs
"expireIn":"xxxx", //token expiration time, seconds
"refreshToken":"xxxxx", //The token required to refresh the token
"token":"xxxx". //Authorized token
}
```
{% endtab %}
{% endtabs %}
The following are the parameters involved in rsa encryption:
| name | type | required | example | Description |
| ---- | ------ | -------- | ---------------------------------- | ------------------------------------------------------------------------------- |
| code | string | YES | 2ae04ed9165624419bad68e9e0f3f29fbd | The returned code when calling the first step of login for user authentication. |
## Refresh token
## Refresh token
`POST` `https://service.xxx.com/platformapi/chainup/open/auth/refreshToken`
It is necessary to package the data in the parameter table into JSON strings and use rsa for parameter encryption and signature as data and sign in the body
#### Headers
| Name | Type | Description |
| ---------------------------------------------- | ------ | ---------------- |
| Content-Type\* | String | application/json |
#### Request Body
| Name | Type | Description |
| ----------------------------------------- | ------ | --------------- |
| app\_id\* | String | Merchant AppKey |
| time\* | String | timestemp |
| data\* | String | |
| sign\* | String | |
{% tabs %}
{% tab title="200: OK " %}
```javascript
{
"code": "", //Return to cod
"msg": "", //Success or failure message
"data": "",
"sign": ""
}
data:
{
"openId":"xxxx", //The unique openId of the merchant to which the authorized user belongs
"expireIn":"xxxx", //token expiration time, seconds
"refreshToken":"xxxxx", //The token required to refresh the token
"token":"xxxx". //Authorized token
}
```
{% endtab %}
{% endtabs %}
The following are the parameters involved in rsa encryption:
| name | type | required | example | Description |
| ------------ | ------ | -------- | ---------------------------------- | ------------------------------------------------------------------- |
| refreshToken | string | YES | 4dbca5afca8a46f48d863d18bsdd644731 | The "refresh\_token" received when obtaining the token. |
| token | string | YES | 2ae04ed9165624419bad68e9e0f3f29fbd | The token previously authorized before. |
| openId | string | YES | 4dbca5afca8a46f48d863d18bsdd644731 | The unique openId of the authorized user belonging to the merchant. |
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://platformv2docs.chainup.com/english-3/oauth-authorization.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.