Apply for tokenSignature required
The applyToken API is used by applications to request an access token for making API calls on behalf of a user.
Prerequisite: After partners finish their authorization via the WorldFirst portal, WorldFirst generates the authorization code (authCode) in the authorization URL. Then the partners can use authCode to call the applyToken API.
Structure
A message consists of a header and body. The following sections are focused on the body structure. For the header structure, see:
Request parameters
authCode String REQUIRED
The authorization code.
After partners finish their authorization via the WorldFirst portal, WorldFirst generates the authorization code (authCode) in the authorization URL.
For example, in the following authorization URL, the code value is the the authorization code.
https://{domain}/?authResult=SUCCESS&code=*****
grantType String REQUIRED
The authorization grant type. Valid value:
AUTHORIZATION_CODE: Indicates that the authorization code (authCode) is used to obtain the access token.
Response parameters
result Result REQUIRED
The result of the API call, including the result status, result code and result message.
accessToken String REQUIRED
The access token that you obtain.
Note: This parameter is returned on demand only when result.resultStatus = S.
expireTime DateTime REQUIRED
The expiration time of the access token.
Note: This parameter is returned on demand only when result.resultStatus = S.
More information:
- The value follows the ISO 8601 standard format. For example, "2019-11-27T12:01:01+08:00".
refreshToken String
The refresh token that you obtain.
Note: This parameter is returned on demand only when result.resultStatus =
S.
refreshTokenExpireTime DateTime
The expiration time of the refresh token.
Note: This parameter is returned on demand only when result.resultStatus = S.
More information:
- The value follows the ISO 8601 standard format. For example, "2019-11-27T12:01:01+08:00".
extendInfo String
The extended information.
Note: This parameter is returned on demand only when result.resultStatus = S.
Request
Response
Result processing logic
After calling the API, WorldFirst returns a response. The responses for result.resultStatus are:
Result/Error codes
| Code | Value | Message | Further action |
|---|---|---|---|
| SUCCESS | S | Success | |
| PROCESS_FAIL | F | A general business failure occurred. Do Not retry. | Human intervention is usually needed. It is recommended that you contact our Technical Support Team to resolve the issue. |
| PARAM_ILLEGAL | F | Illegal parameters exist. For example, a non-numeric input, or an invalid date. | Check and verify whether the request fields (e.g., requestId), including the header fields and body fields, are correct and valid. For details on the fields of each API, see the specific API Structure section. |
| INVALID_API | F | The called API is invalid or not active. | Check whether the correct API is being called. |
| INVALID_CLIENT | F | The client is invalid. | The client ID does not exist or is invalid. |
| INVALID_SIGNATURE | F | The signature is invalid. | Ensure the request is properly signed with a valid signature. |
| METHOD_NOT_SUPPORTED | F | The server does not implement the requested HTTP method. | Ensure the HTTP method is |
| UNKNOWN_EXCEPTION | U | The API call is failed, which is caused by unknown reasons. | The service might be down, retry later. If the issue persists, contact the WorldFirst Technical Support Team. |
| UN_SUPPORT_BUSINESS | F | Unsupported business. | Ensure that all the request parameters are correct and try to call the API again. |
| AUTH_CODE_EXPIRED | F | The authorization code (authCode) is expired. | Ensure that you use the valid authorization code (authCode). |
| AUTH_CODE_NOT_EXIST | F | The authorization code (authCode) does not exit. | Try to obtain a valid authorization code (authCode). |