/v1/authorizations/cancelToken
POST /v1/authorizations/cancelToken
The cancelToken API is used to cancel access token at wallet.
Message structure
Request
Property | Data type | Required | Description |
accessToken | String | Yes | An access token that can be used to access the user resource scope. Max. length: 128 characters. |
| extendInfo | String | No | The extend information,wallet and merchant can put extend info here. Max. length: 4096 characters. |
Response
Property | Data type | Required | Description |
result | Yes | The request result, which contains information related to the request result, such as status and error codes. | |
| extendInfo | String | No | The extend information,wallet and merchant can put extend info here. Max. length: 4096 characters. |
Result process logic
For different request results, different actions are to be performed. See the following list for details:
- If the value of result.resultStatus is S, that means the authorization is cancelled successfully. AuthClient will not be able to use the AccessToken to access user's resources, and may not use the relative refreshToken to retrieve new AccessToken.
- If the value of result.resultStatus is F or U, that means authorization is cancelled failed, AuthClient may guide user to try again.
Result
| resultStatus | resultCode | resultMessage |
| S | SUCCESS | Success. |
| U | UNKNOWN_EXCEPTION | An API calling is failed, which is caused by unknown reasons. |
| U | REQUEST_TRAFFIC_EXCEED_LIMIT | The request traffic exceeds the limit. |
| F | PROCESS_FAIL | A general business failure occurred. Don't retry. |
| F | PARAM_ILLEGAL | Illegal parameters exist. For example, a non-numeric input, or an invalid date. |
| F | ACCESS_DENIED | The access is denied. |
| F | INVALID_API | The called API is invalid or not active. |
| F | INVALID_AUTH_CLIENT_STATUS | Invalid auth client status. |
| F | INVALID_ACCESS_TOKEN | The access token is invalid. |
| F | INVALID_AUTH_CLIENT | The auth client id is invalid. |
| F | EXPIRED_ACCESS_TOKEN | The access token is expired. |
F | EXPIRED_AGENT_TOKEN | The access token of mini program is expired. |
F | INVALID_AGENT_TOKEN | The access token of mini program is invalid. |
Sample
You can cancel the authorization. After cancellation, the refresh_token cannot be used even if it is valid.
When user cancel access token from the Mini Program,
- The Merchant server calls /v1/authorizations/cancelToken interface to cancel access token (Step 2).
- And wallet server returns token cacnel result to merchant server (Step 3).
Request
{
"accessToken": "281010033AB2F588D14B43238637264FCA5Axxxx",
"extendInfo": "{\"customerBelongsTo\":\"siteNameExample\"}"
}- extendInfo, includes key - customerBelongsTo the e-wallet that the customer uses. Corresponding to the field 'siteName' that obtained from the API 'my.getSiteInfo', in the Mini Program scenario this is mandatory.
Response
{
"result": {
"resultCode":"SUCCESS",
"resultStatus":"S",
"resultMessage":"success"
}
}