Merchant Authentication
Flow
Description:
- Call this API to authenticate merchant and issue JWT token.
- Each JWT token is valid for 3600 seconds.
- If JWT expires, merchant must perform authentication and issue new JWT token.
API Information
Method: POST
URL: /b2b/auth-service/api/oauth/get-token
Request
Main Parameters Table
| Field Name | Data Type | Required | Description |
|---|---|---|---|
| merchant_code | String (max 50) | ✅ | Merchant code provided by Baokim |
| client_id | String (max 50) | ✅ | Client ID of merchant provided by Baokim |
| client_secret | String (max 50) | ✅ | Client secret of merchant provided by Baokim |
Request Example
{
"merchant_code": "merchantcode",
"client_id": "merchantcode",
"client_secret": "iOiJKV1QiLCJhbGciOiJIUzI1NiJ9"
}
Response
note
HTTP 200 - Success
Main Parameters Table
| Field Name | Data Type | Description |
|---|---|---|
| code | Integer | Result code |
| message | String | Message |
| data.access_token | String | JWT Token string |
| data.token_type | String | Token type |
| data.expired_at | DateTime | Token expiration time |
Response Example
{
"code": 200,
"message": "Success",
"data": {
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjkyOTIvYXBpL2IyYl9hdXRoL2xvZ2luIiwiaWF0IjoxNzA2MDgwODU1LCJleHAiOjE3MDYwODQ0NTUsIm5iZiI6MTcwNjA4MDg1NSwianRpIjoiV0FUWnpJZTB3d0NuU1dpNSIsInN1YiI6IjEiLCJwcnYiOiIyM2JkNWM4OTQ5ZjYwMGFkYjM5ZTcwMWM0MDA4NzJkYjdhNTk3NmY3IiwibWVyY2hhbnRfaW5mbyI6eyJjb2RlIjoiYWJjIn0sInNjb3BlcyI6W3siYWN0aW9uIjoiR0VUIiwidXJpIjoiYWJjLmNvbSJ9LHsiYWN0aW9uIjoiUE9TVCIsInVyaSI6Inh5ei5jb20ifV19.aRfdvwFz8CDiBqHoCG8IGfPC0bO4vhXRvY76dupRx9k",
"token_type": "bearer",
"expired_at": "2024-07-22T10:00:00.000Z"
}
}
Error Codes
| Error Code | Description |
|---|---|
| 111 | Authentication failed |