OAuth 2.0 API
Get token
[POST] /oauth2/token
This endpoint activates access token.
For this request the IP of a client must be added to WB Allowlist.
❗ Access token duration is 300 sec.
Request BODY x-www-form-urlencoded: Need to send “client_id”, “client_secret” and “code”.
Response:
{
"data": {
"access_token": "MZM1MDBMMJYTNWM4MI0ZNTIYLTKXNDATNZY1MZHKM2Y2MJY3",
"expires_in": 300,
"refresh_token": "ODK5ZTVKZDUTYTI5ZC01NWJHLTGZZDMTYWFKYTNMNJHHMGZM",
"scope": "codes.apply,show.userinfo",
"token_type": "Bearer"
}
}
Errors:
“This action is unauthorized.”
{
"data": {
"message": ["Invalid request"]
}
}
Refresh token
[POST] /oauth2/refresh_token
This endpoint creates refresh token.
For this request the IP of a client must be added to WB Allowlist.
❗ Refresh token duration is 600 sec.
❗ Rate limit 1 request/1 sec.
Request BODY x-www-form-urlencoded: Need to send “client_id”, “client_secret” and “token”.
Response:
{
"data": {
"access_token": "NTBLZJKYNZETNJFIZC0ZNGM1LWJMYTMTODBJYZRKNWE2NMRM",
"expires_in": 300,
"refresh_token": "ODZMNMRHM2ETMZQZZI01OTQYLWEWMZATNWQ0NDYZNJBMOWUW",
"scope": "codes.apply,show.userinfo",
"token_type": "Bearer"
}
}
Errors:
“Invalid token.”
{
"data": {
"token": ["Invalid token."]
}
}