Skip to main content

Merchant Authentication

Process

Position in business flow: Pre-condition step — required before all APIs. The JWT Token obtained is shared across all subsequent APIs within the session.

  • MERCHANT calls the API to obtain a JWT Token.
  • Baokim authenticates based on the Merchant integrating directly with Baokim:
    • If the Master integrates, authentication uses the Master's information.
    • If the Sub integrates, authentication uses the Sub's information.

API Information

Method: POST

URL: /b2b/auth-service/api/oauth/get-token

Request

Main Parameters

No.Field NameData TypeRequiredDescription
1merchant_codeString(50)Merchant code provided by Baokim
2client_idString(50)Merchant's Client ID provided by Baokim
3client_secretString(50)Merchant's Client Secret provided by Baokim

Request Example

{
"merchant_code": "BAOKIMMRC",
"client_id": "BAOKIMMRC",
"client_secret": "iOiJKV1QiLCJhbGciOiJIUzI1NiJ9"
}

Response

Main Parameters

No.Field NameData TypeRequiredDescription
1codeNumber(3)Baokim error code
2messageString(200)Baokim error message
3dataObjectData returned by Baokim

Data Information

No.Field NameData TypeRequiredDescription
1access_tokenStringJWT Token string
2token_typeStringToken type
3expires_atDateTimeToken expiration time

Response Example

{
"code": 100,
"message": "Successfully",
"data": {
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjkyOTIvYXBpL2IyYl9hdXRoL2xvZ2luIiwiaWF0IjoxNzA2MDgwODU1...",
"token_type": "bearer",
"expires_at": "2025-10-30 14:41:00"
}
}

Error Codes

Error CodeDescription
100Successfully
101Baokim system error
104OAuth authentication error
105Signature verification error
422Parameter validation error