Authorization
Your app cannot access users' data through openapi without authenticating itself first. Ck1 uses the OAuth 2.0 specification to identify which apps are allowed access to resources.
The AccessToken is the app's password that it uses to access users' data.
This guide will walk you through the authentication process.
-
Asking for Permission
The first step is to get permission from the user. Please direct the user to this URL:
GET http://openapi.ck1info.com/oauth2/authorization?client_id={client_id}&response_type={response_type}&scope={scope}&redirect_uri={redirect_uri}
Name | Description | Example |
client_id | Your app's client ID | M2Q3YTM4MTctMDM0Mi00NGUzLTk4OTctYjA5ZTViMjlkOTBi |
response_type | Should be 'code' or 'token'. Use 'code' for this guide. | code |
scope | Scope of authority; separate multiple scopes with ','. Use 'OpenApi' for this guide. | OpenApi |
redirect_uri | Your app's redirect URI that you specified when you created the app. | http://www.example.com/api/gettoken |
-
Receiving the Authorization Code
After the user grants permission to your app, Ck1 will redirect the user to the redirect URI specified when the app was created. One of the parameters of this request is the Authorization Code.
http://www.example.com/api/gettoken?code={code}
-
Obtaining the Access Token
POST http://openapi.ck1info.com/oauth2/token?client_id={client_id}&client_secret={client_secret}&redirect_uri={redirect_uri}&grant_type={grant_type}&code={code}
Name | Description | Example |
client_id | Your app's client ID | M2Q3YTM4MTctMDM0Mi00NGUzLTk4OTctYjA5ZTViMjlkOTBi |
client_secret | Your app's client secret | abbcb34d-c4a6-47b5-bf60-26994d7eb36d |
redirect_uri | Your app's redirect URI that you specified when you created the app | http://www.example.com/api/gettoken |
grant_type | The string 'authorization_code' | authorization_code |
code | The authorization code you received | NGZhNWNjYzgtY2Y3Ni00M2I1LTljOTItOTQyZGEzN2VkOTBi |
Response
{
"AccessToken":"ZTI1NWY1YzMtYWRlMi00M2JlLTljNDktMzhlMTc0MGYwMDBk",
"AccessTokenExpiresIn":44501,
"RefreshToken":"5d633d136b6d56a41829b73a424803ec",
"RefreshTokenExpiresIn":5256000,
"CustomerId":"J67"
}
Name | Description | Example |
AccessToken | Access Token | ZTI1NWY1YzMtYWRlMi00M2JlLTljNDktMzhlMTc0MGYwMDBk |
AccessTokenExpiresIn | Access Token Expires In Minutes | 44501 |
RefreshToken | Refresh Token | YWMxZjFjYWQtZmMwMC00ZGM3LWE5NjktMzI3NzM2NjRmNjJl |
RefreshTokenExpiresIn | RefreshToken Expires In Minutes | 5256000 |
CustomerId | Ck1 Customer Identifier | J67 |
Remarks: The AccessToken expires after one month.
You can obtain a new AccessToken through the RefreshToken after a certain period of time.
After you obtain a new AccessToken, the old AccessToken is invalid.
-
Making Authorized Requests
To make an authorized request, add the following to the request header:
Authorization: Bearer {AccessToken}
Content-Type: application/json; charset=utf-8
-
Obtaining New Access Tokens
Access tokens expire after a certain period of time. In order to obtain a new access token without going through the full OAuth process again, your app can make the following request:
POST http://openapi.ck1info.com/oauth2/token?client_id={client_id}&client_secret={client_secret}&redirect_uri={redirect_uri}&grant_type={grant_type}&refresh_token={refresh_token}
Name | Description | Example |
client_id | Your app's client ID | M2Q3YTM4MTctMDM0Mi00NGUzLTk4OTctYjA5ZTViMjlkOTBi |
client_secret | Your app's client secret | abbcb34d-c4a6-47b5-bf60-26994d7eb36d |
redirect_uri | Your app's redirect URI that you specified when you created the app | http://www.example.com/api/gettoken |
grant_type | The string 'refresh_token' | refresh_token |
refresh_token | Refresh Token | YWMxZjFjYWQtZmMwMC00ZGM3LWE5NjktMzI3NzM2NjRmNjJl |
Response
{
"AccessToken":"ZTI1NWY1YzMtYWRlMi00M2JlLTljNDktMzhlMTc0MGYwMDBk",
"AccessTokenExpiresIn":44501,
"RefreshToken":"5d633d136b6d56a41829b73a424803ec",
"RefreshTokenExpiresIn":5256000,
"CustomerId":"J67"
}
Name | Description | Example |
AccessToken | Access Token | ZTI1NWY1YzMtYWRlMi00M2JlLTljNDktMzhlMTc0MGYwMDBk |
AccessTokenExpiresIn | Access Token Expires In Minutes | 44501 |
RefreshToken | Refresh Token | YWMxZjFjYWQtZmMwMC00ZGM3LWE5NjktMzI3NzM2NjRmNjJl |
RefreshTokenExpiresIn | RefreshToken Expires In Minutes | 5256000 |
CustomerId | Ck1 Customer Identifier | J67 |
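An added example (not Ck1's own code) of handling the token response documented above: it converts the minute-based lifetimes into absolute expiry times, decides when a refresh is due, and builds the authorized-request headers and the refresh request from this guide. The names TokenSet, needs_refresh, can_refresh, refresh_url and the one-hour margin are assumptions made for illustration.

```python
import json
from dataclasses import dataclass
from datetime import datetime, timedelta
from urllib.parse import urlencode

TOKEN_URL = "http://openapi.ck1info.com/oauth2/token"  # endpoint as given in this guide

@dataclass(frozen=True)
class TokenSet:  # hypothetical helper, not part of the Ck1 API
    access_token: str
    refresh_token: str
    access_expires_at: datetime
    refresh_expires_at: datetime
    customer_id: str

    @classmethod
    def from_response(cls, body: str, now: datetime) -> "TokenSet":
        """Parse a token response; both *ExpiresIn fields are minutes, not seconds."""
        d = json.loads(body)
        return cls(
            access_token=d["AccessToken"],
            refresh_token=d["RefreshToken"],
            access_expires_at=now + timedelta(minutes=d["AccessTokenExpiresIn"]),
            refresh_expires_at=now + timedelta(minutes=d["RefreshTokenExpiresIn"]),
            customer_id=d["CustomerId"],
        )

    def needs_refresh(self, now: datetime, margin=timedelta(hours=1)) -> bool:
        """True once the access token is within `margin` (assumed value) of expiry."""
        return now >= self.access_expires_at - margin

    def can_refresh(self, now: datetime) -> bool:
        """False once the refresh token has expired and the full flow is needed again."""
        return now < self.refresh_expires_at

    def headers(self) -> dict:
        return {"Authorization": f"Bearer {self.access_token}",
                "Content-Type": "application/json; charset=utf-8"}

    def refresh_url(self, client_id: str, client_secret: str, redirect_uri: str) -> str:
        """URL to POST for a new token pair. It carries secrets: keep it out of logs."""
        return TOKEN_URL + "?" + urlencode({
            "client_id": client_id, "client_secret": client_secret,
            "redirect_uri": redirect_uri, "grant_type": "refresh_token",
            "refresh_token": self.refresh_token})

# Constructed sample input: the response body shown in this guide.
SAMPLE = ('{"AccessToken":"ZTI1NWY1YzMtYWRlMi00M2JlLTljNDktMzhlMTc0MGYwMDBk",'
          '"AccessTokenExpiresIn":44501,"RefreshToken":"5d633d136b6d56a41829b73a424803ec",'
          '"RefreshTokenExpiresIn":5256000,"CustomerId":"J67"}')
```

Because obtaining a new AccessToken invalidates the old one, replace the stored TokenSet as a whole with the one parsed from the refresh response.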