Get OAuth URL
Specification
The Following tabel is spesification for this API :
API Name | Get OAuth URL |
---|---|
Function | This API is used to get oauth for get authCode in exchange accessToken B2B2C |
Service Code | 10 |
Method | GET |
URL | /snap/v1.0/get-auth-code |
Accept | application/json |
Content Type | application/json |
Related Service | Account Binding & Unbinding |
Request
The following part will be describe about parameter of request in this API:
Request Parameter
The following table is a list of request parameter in this API:
Header
The following table is Header of Request Parameters :
No | Name | Type | Length | Required | Condition | Remarks |
---|---|---|---|---|---|---|
1 | Content-Type | String | Variable, 127 max | Mandatory | - | Content type, value always application/json |
2 | Authorization | String | Variable | Mandatory | - | Contains B2B Bearer JWT Token, you've got it from Access Token B2B |
3 | X-TIMESTAMP | String | Fixed, 25 max | Mandatory | - | Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time) |
4 | X-PARTNER-ID | String | Variable, 36 max | Mandatory | - | ID for partner was generated by Paydia. Unique ID for a partner |
5 | X-EXTERNAL-ID | String | Variable, 36 max | Mandatory | - | Unique messaging reference ID generated by merchant. Numeric String. Reference number that should be unique in the same day |
6 | CHANNEL-ID | String | Variable, 5 max | Mandatory | - | Device identification on which the API services is currently being accessed by the end user (customer) |
7 | X-SIGNATURE | String | Variable | Mandatory | - | Signature need to be generated with Symmetric Signature method |
Query Param
The following table is list of query param:
No | Name | Type | Length | Required | Condition | Remarks |
---|---|---|---|---|---|---|
1 | scopes | String | Variable, 256 max | Mandatory | - | The scopes of the authorization |
2 | state | String | Variable, 32 max | Mandatory | - | Random string for CSRF protection purposes |
3 | redirectUrl | String | Variable, 256 max | Mandatory | - | When user authorization is success, the user will be redirected to this URL |
4 | seamlessData | String | Variable, 512 max | Optional | - | Option for binding process.Please refer sample below to know how to include seamlessData |
5 | seamlessData.mobileNumber | String | Variable, 18 max | Optional | - | User's phone number. If this field is filled in, the user must log in with the number that has been included |
6 | seamlessSign | String | Variable, 512 max | Conditional | If the seamlessData is filled | Please refer sample below to know how to include seamlessSign. The steps to generate seamlessSign are:
|
Request Sample
The following script is a request sample of this API:
GET /snap/v1.0/get-auth-code?scopes=PUBLIC_ID&state=6213b3cc-6022-40c7-9d5b-340845439713&redirectUrl=https://google.com/&seamlessData=%7B%22mobileNumber%22%3A%22081234567890%22%7D&seamlessSign=EDZfr9zSj%2B%2FYNqRVGfYr7tkD7NusxsVzMfAwrwYM23eUxj3FfFQlgUZRL0ahKO%2BcT%2F4gob6baBhMufbM0dk8l2GJ59mle3cI7iWOncsajOUQAPxqEdjeiZgSb9DFeYI6fcV4H8tFM0jz5xS3ftj6BdccoGajfRw7e2aHzlBaFRAv0hW0IM0LCF9SOk6sJOsQF57Vpc0BrYdIfk06RWtaLA0J12xcQ11OKRlhPEnKu3EYq%2FQME2DESSDBEMFwegDmYKgfGwXnrosCQL5vRAQrlA79wJgRS5niHVxjjBGkM0b%2FAk3CD973gK9q2sXlMOofcOnzECnCofwCh%2F6K%2B5PHCw%3D%3D
X-TIMESTAMP: 2024-12-19T06:30:49+07:00
X-PARTNER-ID: 35d1a1127182a65e4fe0256242a40a6d
X-EXTERNAL-ID: 1734590486
CHANNEL-ID: API
Content-Type: application/json
X-SIGNATURE: sA7R9x8v/5srhusovKyxi/l7M4SXomQiZGAoodV+oiz5iqItDxbpnLD5WHWruz7+ZYvw4cE7SAMR39wCD3/85g==
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJQYXlkaWEiLCJpYXQiOjE3MzQ1ODMxNjEsImV4cCI6MTczNDY2OTU2MSwiZGF0YSI6eyJlbnYiOiJkZXZlbG9wbWVudCJ9fQ.GE4J5OxwcwyuZB3D4tluUupFYHj5M9weHiD6vpNwxnk
Response
The following part will be describe about parameter of response in this API:
Query Param
The following table is list of query param:
No | Name | Type | Length | Required | Condition | Remarks |
---|---|---|---|---|---|---|
1 | responseCode | String | Fixed, 7 max | Mandatory | - | Refer to response code list |
2 | responseMessage | String | Variable, 150 max | Mandatory | - | Refer to response code list |
3 | state | String | Variable, 32 max | Mandatory | - | Random string for CSRF protection purposes |
4 | authCode | String | Variable, 256 max | Mandatory | - | auth_code is needed to get access token B2B2C |
Response Sample
The following script is a response sample of this API:
{
"responseCode": "2001000",
"responseMessage": "Successful",
"authCode": "499798302ee8111c0536a99d629ca75f60dc51b8601164313d9ed25576343308",
"state": "6213b3cc-6022-40c7-9d5b-340845439713"
}
Response Code and Message
The following table is the list response code and message of Get OAuth URL API:
No | Response Code | Response Message | Remarks |
---|---|---|---|
1 | 2001000 | Successful | Success to be processed |
2 | 4001001 | Invalid Field Format | Invalid format for certain field |
3 | 4001002 | Invalid Mandatory Field | Missing or invalid format on mandatory field |
4 | 4011000 | Unauthorized [reason] | General unauthorized error |
5 | 4011001 | Invalid Token (B2B) | Authorization token are invalid, perhaps due to token expiry for B2B |
6 | 5001002 | Backend system failure | 500 internal server error |