/v1/authorizations/cancelToken

POST /v1/authorizations/cancelToken

The cancelToken API is used to cancel access token at wallet.

Message structure

Request

Property

Data type

Required

Description

accessToken

String

Yes

An access token that can be used to access the user resource scope.

Max. length: 128 characters.

extendInfoString

No

The extend information,wallet and merchant can put extend info here.

Max. length: 4096 characters.

Response

Property

Data type

Required

Description

result

Result

Yes

The request result, which contains information related to the request result, such as status and error codes.

extendInfoString

No

The extend information,wallet and merchant can put extend info here.

Max. length: 4096 characters.

Result process logic

For different request results, different actions are to be performed. See the following list for details:

  • If the value of result.resultStatus is S, that means the authorization is cancelled successfully. AuthClient will not be able to use the AccessToken to access user's resources, and may not use the relative refreshToken to retrieve new AccessToken.
  • If the value of result.resultStatus is F or U, that means authorization is cancelled failed, AuthClient may guide user to try again.

Result

resultStatusresultCoderesultMessage
SSUCCESSSuccess.
UUNKNOWN_EXCEPTIONAn API calling is failed, which is caused by unknown reasons.
UREQUEST_TRAFFIC_EXCEED_LIMITThe request traffic exceeds the limit.
FPROCESS_FAILA general business failure occurred. Don't retry.
FPARAM_ILLEGALIllegal parameters exist. For example, a non-numeric input, or an invalid date.
FACCESS_DENIEDThe access is denied.
FINVALID_APIThe called API is invalid or not active.
FINVALID_AUTH_CLIENT_STATUS

Invalid auth client status.

FINVALID_ACCESS_TOKENThe access token is invalid.
FINVALID_AUTH_CLIENTThe auth client id is invalid. 
FEXPIRED_ACCESS_TOKENThe access token is expired.

F

EXPIRED_AGENT_TOKEN

The access token of mini program is expired.

F

INVALID_AGENT_TOKEN

The access token of mini program is invalid.

Sample

You can cancel the authorization. After cancellation, the refresh_token cannot be used even if it is valid.

/v1/authorizations/cancelToken

When user cancel access token from the Mini Program,

  1. The Merchant server calls /v1/authorizations/cancelToken interface to cancel access token (Step 2).
  2. And wallet server returns token cacnel result to merchant server (Step 3).

Request

copy
{
  "accessToken": "281010033AB2F588D14B43238637264FCA5Axxxx",
  "extendInfo": "{\"customerBelongsTo\":\"siteNameExample\"}"
}
  • extendInfo, includes key - customerBelongsTo the e-wallet that the customer uses. Corresponding to the field 'siteName' that obtained from the API 'my.getSiteInfo', in the Mini Program scenario this is mandatory.

Response

copy
{
 "result": {
    "resultCode":"SUCCESS",
    "resultStatus":"S",
    "resultMessage":"success"
  }
}