Access Token B2B
Specification
The Following tabel is spesification for this API :
| API Name | Access Token B2B |
|---|---|
| Function | This API is used to retrieves authorization token based on client_id and client_secret. The resulting token can be used in the HTTP header Authorization |
| Service Code | 73 |
| Method | POST |
| URL | /snap/v1.0/access-token/b2b |
| Accept | application/json |
| Content Type | application/json |
| Related Service | Authorization Token Request |
Request
The following part will be describe about parameter of request in this API:
Request Parameter
The following table is a list of request parameter in this API:
Header
The following table is Header of Request Parameters :
| No | Name | Type | Length | Required | Condition | Remarks |
|---|---|---|---|---|---|---|
| 1 | Content-Type | String | Variable, 127 max | Mandatory | - | Content type, value always application/json* |
| 2 | X-TIMESTAMP | String | Fixed, 25 max | Mandatory | - | Transaction date time, in format YYYY-MM-DDTHH:mm:ss+07:00. Time must be in GMT+7 (Jakarta time) |
| 3 | X-CLIENT-KEY | String | Variable, 36 max | Mandatory | - | Client ID given by the API provider |
| 4 | X-SIGNATURE | String | Variable | Mandatory | - | Signature need to be generated with Asymmetric Signature method |
Body
The following table is a body of request parameter:
| No | Name | Type | Length | Required | Condition | Remarks |
|---|---|---|---|---|---|---|
| 1 | grantType | String | Fixed, 18 max | Mandatory | - | Always have value of client_credentials |
Request Sample
The following script is a request sample of this API:
POST /snap/v1.0/access-token/b2b
X-TIMESTAMP: 2024-08-01T07:07:21+07:00
X-CLIENT-KEY: 35d1a1127182a65e4fe0256242a40a6d
X-SIGNATURE: COq1k1ZRPHx8PVDmsbEPywJGY2limDddpwqqiMWDvP2FVjYZl37F9YsyKvWv83ROk8TZKPZg1mwjzAm5wSrkS5W+5MdcJzHbYbdg280PXqYx2ieKP1sRcTD09Ha7SWnnGAbj/dyanKJbBttvCKkVmiOZhWVhh465Id/BBcvuE18BHlBZAmTP8IO5qukEICyGrS63GrdMsa2vyws+tufI1C70LGtFaiEI07TpEGlpxXkMuqW2+5jCChm0NMMo1ynHdWz/yW+vmOhiAVLeG+Z1OQTTRYXYEVKjwPDQAf1N26xbQq1vWua1b8QL9yUF7x2FwyAhNJ2AkG5q6MEuoqCnQA==
Content-Type: application/json
{
"grantType": "client_credentials"
}
Response
The following part will be describe about parameter of response in this API:
Response Parameter
The following table is a list of response parameter in this API:
Body
The following table is a body of response parameter:
| No | Name | Type | Length | Required | Condition | Remarks |
|---|---|---|---|---|---|---|
| 1 | responseCode | String | Fixed, 7 max | Mandatory | - | Refer to response code list |
| 2 | responseMessage | String | Variable, 150 max | Mandatory | - | Refer to response code list |
| 3 | accessToken | String | Variable, 2048 max | Mandatory | - | Access token |
| 4 | tokenType | String | Fixed, 6 max | Mandatory | - | Type of authorization token. Always have value of Bearer |
| 5 | expiresIn | String | Variable, 8 max | Mandatory | - | Session expiry in seconds: 900 (15 mins) |
Response Sample
The following script is a response sample of this API:
{
"responseCode": "2007300",
"responseMessage": "Successful",
"accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJQYXlkaWEiLCJpYXQiOjE3MjI0OTYxMDAsImV4cCI6MTcyMjU4MjUwMCwiZGF0YSI6eyJlbnYiOiJkZXZlbG9wbWVudCJ9fQ.krcHPsQMh_cAzw5_5z7MXyDm89yOMhNd-mGkAARXxAU",
"tokenType": "Bearer",
"expiresIn": "900"
}
Response Code and Message
The following table is the list response code and message of Authorization Token Request API:
| No | Response Code | Response Message | Remarks |
|---|---|---|---|
| 1 | 2007300 | Successful | Success to be processed |
| 2 | 4007301 | Invalid Field Format | Invalid format for certain field |
| 3 | 4007302 | Invalid Mandatory Field | Missing or invalid format on mandatory field |
| 4 | 4017300 | Unauthorized. [reason] | General unauthorized error |