Revoke tokenSignature required

2024-11-21 06:55

POST /amsin/api/v1/oauth/revokeToken

The revokeToken API is used by applications to revoke the access token of a specific account holder. After the revocation, the access token becomes invalid and cannot be used for authorization.

Note: Revoking the access token also revokes the refresh token.

Structure

A message consists of a header and body. The following sections are focused on the body structure. For the header structure, see:

Request parameters

token String REQUIRED

The value of the access token that is to be revoked.

More information:

Maximum length: 128 characters

tokenType String REQUIRED

The token type. The valid value is:

ACCESS_TOKEN: indicates that the token type is access token.

More information:

Maximum length: 128 characters

Response parameters

result Result REQUIRED

The result of the API call, including the result status, result code and result message.

Show child parameters

cancelTime DateTime CONDITIONAL

The time to revoke the access token.

Note: This parameter is returned on demand only when result.resultStatus = S.

More information:

The value follows the ISO 8601 standard format. For example, "2019-11-27T12:01:01+08:00".

API Explorer

Request

URL

Case

Result status is S/Success

Request Body

Response

Response Body

Result processing logic

After calling the API, WorldFirst returns a response. The responses for result.resultStatus are:

Result/Error codes

Code	Value	Message	Further action
SUCCESS	S	Success
PROCESS_FAIL	F	A general business failure occurred. Do Not retry.	Human intervention is usually needed. It is recommended that you contact our Technical Support Team to resolve the issue.
PARAM_ILLEGAL	F	Illegal parameters exist. For example, a non-numeric input, or an invalid date.	Check and verify whether the request fields (e.g., requestId), including the header fields and body fields, are correct and valid. For details on the fields of each API, see the specific API Structure section.
INVALID_API	F	The called API is invalid or not active.	Check whether the correct API is being called.
INVALID_CLIENT	F	The client is invalid.	The client ID does not exist or is invalid.
INVALID_SIGNATURE	F	The signature is invalid.	Ensure the request is properly signed with a valid signature.
METHOD_NOT_SUPPORTED	F	The server does not implement the requested HTTP method.	Ensure the HTTP method is `POST` and retry.
UNKNOWN_EXCEPTION	U	The API call is failed, which is caused by unknown reasons.	The service might be down, retry later. If the issue persists, contact the WorldFirst Technical Support Team.
UN_SUPPORT_BUSINESS	F	Unsupported business.	Ensure that all the request parameters are correct and try to call the API again.
AUTHORIZATION_NOT_EXIST	F	The authorization does not exist.	Make sure that the input is correct. If the issue persists, contact our Technical Support Team to verify the authorization status.
ACCESS_TOKEN_EXPIRED	F	The access token is expired.	Call the refreshToken API to refresh the access token or contact the WorldFirst Technical Support Team.

Result status	Description
`S`	This indicates the API call succeeded.
`F`	This indicates the API call failed. For more information on why the call failed, see result.resultCode.
`U`	This indicates the API call result is unknown. A partner can make a query when the returned status is `UNKNOWN`. Use the following query strategy: A Partner can make 7 queries maximum. Intervals between queries: 5 min, 10 min, 20 min, 40 min, 80 min, 160 min, and 320 min. If none of the queries is successful, contact WorldFirst Technical Support