English

OAuth Authorization

Step 1

OAuth authorization login page (accessed in browser)

GET https://service.xxx.com/platform/login.html

The final login page is stitched together as : https://service.xxx.com/platform/login.html?appKey=xxx&redirectUrl=xxx&state=xxx After successful login with code redirect to redirectUrl

Query Parameters

NameTypeDescription

appKey*

String

Merchant AppKey

redirectUrl*

String

Jump to page after successful authorization login

state

String

Merchant incoming status field

{
    // Response
}

parameters:

nametyperequiredexampleDescription

appKey

string

YES

xxx_xxx

Merchant AppKey

redirectUrl

string

YES

The page to redirect to after successful authorization login should be consistent with the merchant's backend.

Jump to page after successful authorization login

Step 2

Get token and openId by code

POST https://service.xxx.com/platformapi/chainup/open/auth/token

It is necessary to package the data in the parameter table into JSON strings and use rsa for parameter encryption and signature as data and sign in the body

Request Body

NameTypeDescription

app_id*

String

Merchant AppKey

time*

String

timestemp

sign*

String

data

String

{
    "code": "", //Return code	
    "msg": "", //Success or failure message	
    "data": "",
    "sign": ""
}


data:
{
     "openId":"xxxx",  //The unique openId of the merchant to which the authorized user belongs	
     "expireIn":"xxxx",  //token expiration time, seconds	
     "refreshToken":"xxxxx",  //The token required to refresh the token
     "token":"xxxx". //Authorized token	
}

The following are the parameters involved in rsa encryption:

nametyperequiredexampleDescription

code

string

YES

2ae04ed9165624419bad68e9e0f3f29fbd

The returned code when calling the first step of login for user authentication.

Refresh token

Refresh token

POST https://service.xxx.com/platformapi/chainup/open/auth/refreshToken

It is necessary to package the data in the parameter table into JSON strings and use rsa for parameter encryption and signature as data and sign in the body

Headers

NameTypeDescription

Content-Type*

String

application/json

Request Body

NameTypeDescription

app_id*

String

Merchant AppKey

time*

String

timestemp

data*

String

sign*

String

{
    "code": "", //Return to cod	
    "msg": "", //Success or failure message	
    "data": "",
    "sign": ""
}

data:

{
    "openId":"xxxx",  //The unique openId of the merchant to which the authorized user belongs	
    "expireIn":"xxxx",  //token expiration time, seconds	
    "refreshToken":"xxxxx",  //The token required to refresh the token	
    "token":"xxxx". //Authorized token	
}

The following are the parameters involved in rsa encryption:

nametyperequiredexampleDescription

refreshToken

string

YES

4dbca5afca8a46f48d863d18bsdd644731

The "refresh_token" received when obtaining the token.

token

string

YES

2ae04ed9165624419bad68e9e0f3f29fbd

The token previously authorized before.

openId

string

YES

4dbca5afca8a46f48d863d18bsdd644731

The unique openId of the authorized user belonging to the merchant.

PreviousDevelopment NotesNextPayments

Last updated