Get OAuth URL
Specification
The Following tabel is spesification for this API :
| API Name | Get OAuth URL |
|---|---|
| Function | This API is used to generate OAuth redirect URL to Paydia to initiate account binding process where the user will be able to register/login from Paydia page |
| Service Code | 10 |
| Method | GET |
| URL | /snap/v1.0/get-auth-code |
| Accept | application/json |
| Content Type | application/json |
| Related Service | Registration |
Request
The following part will be describe about parameter of request in this API:
Request Parameter
The following table is a list of request parameter in this API:
Query Param
The following table is list of query param:
| No | Name | Type | Length | Required | Condition | Remarks |
|---|---|---|---|---|---|---|
| 1 | redirectUrl | String | Variable, 256 max | Mandatory | - | When user authorization is success, the user will be redirected to this URL |
| 2 | scopes | Array of String | Variable, 256 max | Mandatory | - | The scopes of the authorization |
| 3 | state | String | Variable, 32 max | Mandatory | - | Random string for CSRF protection purposes |
| 4 | timestamp | String | Fixed, 25 max | Mandatory | - | Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time) |
| 5 | partnerId | String | Variable, 64 max | Mandatory | - | Information of partner ID |
| 6 | externalId | String | Variable, 64 max | Mandatory | - | Information of external ID |
| 7 | channelId | String | Variable, 64 max | Mandatory | - | Information of channel ID |
| 8 | x-signature | String | Variable | Mandatory | - | Signature will be generated automatically with symmetricSignature or asymmetricSignature method |
| 9 | auth | String | Variable | Conditional | If the signature option is asymmetric approach | Contains B2B Bearer JWT Token, you've got it from Access Token B2B |
Request Sample
The following script is a request sample of this API:
GET .../snap?redirectUrl=https://web-merchant.com/&scopes=QUERY_BALANCE,PUBLIC_ID&state=6430c027-5c3f-4ddb-be74-1e3940943d4e×tamp=2022-11-03T09:47:00+07:00&partnerId=3068cb31c7981b5c52096c3be18edb38&externalId=1667469949&channelId=12345&x-signature=fi80WfYG3fhFaPIkO4+mvBBdxKA3pxna8GNYKdgFLQAfQ587uuFzbLGRXO6A9Lvs+yvSlvJ9r+mRTCm22K65EhQKc1C3Xpo8Izc7sFasxDroYvggd4wbBKtPK/e7ZOY0NvNgglRPoMkQ+dKuiaiK6BtI6B1n6iH4XZ67ORjQ6Ho=&auth=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJQYXlkaWEiLCJpYXQiOjE2Njc0Njg3NjksImV4cCI6MTY2NzQ3MjM2OX0.wGXFOE7pE1Av_AF9NfKCV6YHIELOFI2kjAkXUWfW5AY
Response
The following part will be describe about parameter of response in this API:
Query Param
The following table is list of query param:
| No | Name | Type | Length | Required | Condition | Remarks |
|---|---|---|---|---|---|---|
| 1 | responseCode | String | Fixed, 7 max | Mandatory | - | Refer to response code list |
| 2 | responseMessage | String | Variable, 150 max | Mandatory | - | Refer to response code list |
| 3 | state | String | Variable, 32 max | Mandatory | - | Random string for CSRF protection purposes |
| 4 | authCode | String | Variable, 256 max | Mandatory | - | auth_code is needed to get access token B2B2C |
Response Sample
The following script is a response sample of this API:
https://web-merchant.com/?responseCode=2001000&responseMessage=Successful&authcode=e9e342a7b1d3c0cb6595f69e458f4c8cfbc4843db39dbe71677f2d812dc21110&state=45de99d8-9a9c-4fda-843f-d3ad556469e5
Response Code and Message
The following table is the list response code and message of Get OAuth URL API:
| No | Response Code | Response Message | Remarks |
|---|---|---|---|
| 1 | 2001000 | Successful | Success to be processed |
| 2 | 4001001 | Invalid Field Format | Invalid format for certain field |
| 3 | 4001002 | Invalid Mandatory Field | Missing or invalid format on mandatory field |
| 4 | 4011000 | Unauthorized {reason} | General unauthorized error |
| 5 | 4011001 | Invalid Token (B2B) | Authorization token are invalid, perhaps due to token expiry for B2B |
| 6 | 5001002 | Backend system failure | 500 internal server error |