AuthorizedLogin
DeBox Authorized Login is a login system based on the OAuth2.0 protocol standard.
Android 1.8.18, iOS 1.5.2 and above support DeBox in-app authorization.
DeBox web only supports login authorization; payment authorization is not supported.
Welcome to join the technical support group: https://m.debox.pro/group?id=cc0onr82
Before authorized login
Please go to https://developer.debox.pro/ to get your AppID and AppSecret.
Then you can authorize login to a third-party system.
DeBox OAuth2.0 allows users to use their DeBox identity to securely log in to third-party applications or websites. After a user authorizes login to a third-party application that has been connected to DeBox OAuth2.0, the third party can obtain the user's access token. The access token can be used to invoke the DeBox open API to obtain the basic open information of DeBox users and help users use the third-party application conveniently.
Currently, DeBox OAuth2.0 authorization login supports the authorization code mode, which is applicable to authorization on the server side. The overall process of this mode is as follows:
- After a third party initiates a DeBox authorization login request, DeBox will pull up the application or redirect to the third-party website with the authorization temporary ticket code parameter.
- Get the access token through the API using the code, App ID, and App Secret parameters.
- Call the API with the access token to obtain users' basic data resources or to help users perform basic operations.
The interaction logic of DeBox authorization login is as follows:
Step 1: get code
Param | Required | Description |
---|---|---|
redirect_uri | yes | Callback address after successful authorization. When the user clicks Authorize, the App returns the obtained code as a parameter to this address |
app_id | yes | Unique application identifier, applied for in the DeBox developer community |
grant_type | yes | The authorization mode is authorization code: authorization_code |
scope | yes | Authorization field: payment represents payment authorization and moment represents moment message authorization |
# Call request example
curl --location --request GET 'https://app.debox.pro/oauth/authorize?redirect_uri=http://dapp_url&app_id=xxxxxx&grant_type=authorization_code&scope=moment'
After clicking Authorize, the user will jump to the authorization interface, where the user clicks Allow or cancel.
After the user allows authorization, the page will jump to the redirect address and carry code & userId & sourse
- After successful authorization, the redirect_uri page can be accessed on the App side, but it keeps spinning on initialization in the web browser?
- After successful authorization, why is there no redirection to the redirect_uri?
Please refer to DeBox API Q&A
Step 2: get access_token by code
Once you have the code from Step 1, request the following link to get the access_token:
Param | Required | Description |
---|---|---|
app_secret | yes | App Secret, applied for on the platform https://developer.debox.pro/ |
app_id | yes | App ID, applied for on the platform https://developer.debox.pro |
grant_type | yes | The authorization mode is authorization code: authorization_code |
code | yes | The code from Step 1 |
user_id | yes | User ID |
# Call example:
curl --location --request GET 'https://open.debox.pro/openapi/oauth2/access_token?grant_type=authorization_code&code=ZDY5ZTA......FRE5&app_id=xxxxxx&app_secret=xxxxxx&user_id=xxxxxx'
{
"code": 1,
"data": {
"access_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODgzOTQ4MDMsInN1YiI6IjEwMzA1OCJ9.hbEt8JthQvo85iGkhUiPpTlcII4n3hgOYDErUDS9X2kkOnsNM27pAO_x9WP4KEE_33uFEd6GOgSA51MlYZakb1",
"expires_in": 1,
"refresh_token": "MDBMOWYZYWYTZMRLYS01ODRHLWJKYTUTZGFIMMU1ZDEZNWM3",
"token_type": ""
},
"message": "success",
"success": true
}
{
"code": 401,
"message": "Bad Request",
"success": false
}
Refresh access_token
# Call example:
curl --location --request GET 'https://open.debox.pro/openapi/oauth2/refresh_token?grant_type=refresh_token&refresh_token=YTNMYMZJZMY......ZTAH&app_id=xxxxxx&app_secret=xxxxxx&user_id=xxxxxx'
{
"code": 1,
"data": {
"access_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODgzOTQ4MDMsInN1YiI6IjEwMzA1OCJ9.hbEt8JthQvo85iGkhUiPpTlcII4n3hgOYDErUDS9X2kkOnsNM27pAO_x9WP4KEE_33uFEd6GOgSA51MlYZakbg",
"expires_in": 1,
"refresh_token": "MDBMOWYZYWYTZMRLYS01ODRHLWJKYTUTZGFIMMU1ZDEZNWM3",
"token_type": ""
},
"message": "success",
"success": true
}
{
"code": 401,
"message": "Bad Request",
"success": false
}
Step 1: Get the temporary code (valid for 5 minutes)
Step 2: Exchange code for access_token (valid for 2 hours) and refresh_token (valid for 14 days)
Token expires: Refresh the access_token through refresh_token (valid for 2 hours)
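The following is an added example, not DeBox's own code, of server-side handling for Step 2 and the refresh call: it builds the request URLs with encoded values, masks the secrets those URLs carry before they are logged, accepts only the success envelope, and decides when to refresh or restart at Step 1. The function names, the 60-second skew, and the rule that a refresh keeps the original 14-day deadline are assumptions; the lifetimes are the ones stated above.

```python
import json
from urllib.parse import urlencode, urlsplit, parse_qsl, urlunsplit

BASE = "https://open.debox.pro/openapi/oauth2/"
ACCESS_TTL = 2 * 3600          # access_token lifetime stated on the page
REFRESH_TTL = 14 * 24 * 3600   # refresh_token lifetime stated on the page
SKEW = 60                      # assumption: refresh one minute before expiry
SENSITIVE = {"app_secret", "code", "refresh_token"}


def token_url(grant_type, credential, app_id, app_secret, user_id):
    """Build the Step 2 or refresh URL with every value percent-encoded."""
    if grant_type == "authorization_code":
        path, key = "access_token", "code"
    elif grant_type == "refresh_token":
        path, key = "refresh_token", "refresh_token"
    else:
        raise ValueError("unsupported grant_type")
    query = urlencode({"grant_type": grant_type, key: credential, "app_id": app_id,
                       "app_secret": app_secret, "user_id": user_id})
    return f"{BASE}{path}?{query}"


def redact(url):
    """Mask secrets before a URL reaches logs; the API carries them in the query."""
    parts = urlsplit(url)
    query = [(k, "REDACTED" if k in SENSITIVE else v) for k, v in parse_qsl(parts.query)]
    return urlunsplit(parts._replace(query=urlencode(query)))


def parse_token_response(body, now, refresh_deadline=None):
    """Accept only the success envelope (code 1, success true); return token state."""
    msg = json.loads(body)
    if msg.get("success") is not True or msg.get("code") != 1:
        raise ValueError(f"token request failed: {msg.get('code')} {msg.get('message')}")
    data = msg["data"]
    return {"access_token": data["access_token"],
            "refresh_token": data["refresh_token"],
            "access_expires": now + ACCESS_TTL,
            # Assumption: a refresh does not extend the original 14-day window.
            "refresh_expires": refresh_deadline or now + REFRESH_TTL}


def next_action(state, now):
    """Decide between using the token, refreshing it, or restarting at Step 1."""
    if state is None or now >= state["refresh_expires"]:
        return "reauthorize"
    if now >= state["access_expires"] - SKEW:
        return "refresh"
    return "use"
```

Pass `refresh_deadline=state["refresh_expires"]` when parsing a refresh response so the stored deadline is carried over.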
-2001 User login validity problem, you can try to log in again
-2004 Parameter invalid
-2006 Exchange parameter invalid
-2010 Code expired when getting the access token
-2011 Invalid code when getting the access token
-2012 Refresh access token failed
-2013 Access token expired
1. What is the authorization temporary ticket (code)?
Answer: A third party needs the code to obtain an access token. The code expires after 5 minutes, and a code can be exchanged for only one access token. The temporary and one-time nature of the code ensures the security of DeBox authorized logins.
2. What is the authorization scope (scope)?
Answer: The authorization scope represents the interface permissions that the user grants to third parties.